Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-29371 (GCVE-0-2024-29371)
Vulnerability from cvelistv5 – Published: 2025-12-17 00:00 – Updated: 2026-01-23 19:28
VLAI?
EPSS
Summary
In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression.
Severity ?
7.5 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-29371",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-17T18:38:20.096134Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1259",
"description": "CWE-1259 Improper Restriction of Security Token Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-17T18:48:36.126Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-23T19:28:10.386Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-29371",
"datePublished": "2025-12-17T00:00:00.000Z",
"dateReserved": "2024-03-19T00:00:00.000Z",
"dateUpdated": "2026-01-23T19:28:10.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-29371",
"date": "2026-05-04",
"epss": "0.00023",
"percentile": "0.06283"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-29371\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2025-12-17T16:16:04.567\",\"lastModified\":\"2026-01-23T20:15:51.650\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1259\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jose4j_project:jose4j:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.9.5\",\"matchCriteriaId\":\"DE62FF6D-FC62-42B0-9ED4-76A0C4419975\"}]}]}],\"references\":[{\"url\":\"https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Mitigation\"]},{\"url\":\"https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Mitigation\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-29371\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-17T18:38:20.096134Z\"}}}], \"references\": [{\"url\": \"https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack\", \"tags\": [\"exploit\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1259\", \"description\": \"CWE-1259 Improper Restriction of Security Token Assignment\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-17T18:15:31.759Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2026-01-23T19:28:10.386Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-29371\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-23T19:28:10.386Z\", \"dateReserved\": \"2024-03-19T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2025-12-17T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2026-AVI-0523
Vulnerability from certfr_avis - Published: 2026-04-30 - Updated: 2026-04-30
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling Connect:Direct | Sterling Connect:Direct for Microsoft Windows versions 6.3.0.x antérieures à 6.3.0.6_iFix048 | ||
| IBM | WebSphere | WebSphere Application Server - Liberty versions 17.0.0.3 à 26.0.0.4 sans le dernier correctif de sécurité | ||
| IBM | Informix Dynamic Server | Informix Dynamic Server versions 15.0 sans le correctif de sécurité HQ 3.2.2 | ||
| IBM | Informix Dynamic Server | Informix Dynamic Server versions 12.10.x sans le correctif de sécurité HQ 3.2.2 | ||
| IBM | Informix Dynamic Server | Informix Dynamic Server versions 14.10 sans le correctif de sécurité HQ 3.2.2 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct for Microsoft Windows versions 6.4.0.x antérieures à 6.4.0.4_iFix019 | ||
| IBM | Security QRadar Log Management AQL | greffon Security QRadar Log Management AQL versions 1.x antérieures à 1.1.5 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sterling Connect:Direct for Microsoft Windows versions 6.3.0.x ant\u00e9rieures \u00e0 6.3.0.6_iFix048",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server - Liberty versions 17.0.0.3 \u00e0 26.0.0.4 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Informix Dynamic Server versions 15.0 sans le correctif de s\u00e9curit\u00e9 HQ 3.2.2",
"product": {
"name": "Informix Dynamic Server",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Informix Dynamic Server versions 12.10.x sans le correctif de s\u00e9curit\u00e9 HQ 3.2.2",
"product": {
"name": "Informix Dynamic Server",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Informix Dynamic Server versions 14.10 sans le correctif de s\u00e9curit\u00e9 HQ 3.2.2",
"product": {
"name": "Informix Dynamic Server",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct for Microsoft Windows versions 6.4.0.x ant\u00e9rieures \u00e0 6.4.0.4_iFix019",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "greffon Security QRadar Log Management AQL versions 1.x ant\u00e9rieures \u00e0 1.1.5",
"product": {
"name": "Security QRadar Log Management AQL",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-22737",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22737"
},
{
"name": "CVE-2026-22610",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22610"
},
{
"name": "CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"name": "CVE-2026-3621",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3621"
},
{
"name": "CVE-2025-66412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66412"
},
{
"name": "CVE-2025-66035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66035"
},
{
"name": "CVE-2026-2391",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2391"
},
{
"name": "CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"name": "CVE-2026-22029",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22029"
},
{
"name": "CVE-2026-24051",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24051"
},
{
"name": "CVE-2021-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
},
{
"name": "CVE-2026-4800",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
},
{
"name": "CVE-2025-67030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-67030"
},
{
"name": "CVE-2026-0540",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0540"
},
{
"name": "CVE-2026-33532",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33532"
},
{
"name": "CVE-2025-68470",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68470"
},
{
"name": "CVE-2026-33228",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33228"
},
{
"name": "CVE-2026-27970",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27970"
},
{
"name": "CVE-2026-2950",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2950"
},
{
"name": "CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"name": "CVE-2025-15599",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15599"
},
{
"name": "CVE-2024-31033",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31033"
},
{
"name": "CVE-2026-26278",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26278"
},
{
"name": "CVE-2026-22735",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22735"
},
{
"name": "CVE-2026-27601",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27601"
},
{
"name": "CVE-2026-32141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32141"
},
{
"name": "CVE-2025-13465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13465"
}
],
"initial_release_date": "2026-04-30T00:00:00",
"last_revision_date": "2026-04-30T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0523",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-04-30T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2026-04-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7270805",
"url": "https://www.ibm.com/support/pages/node/7270805"
},
{
"published_at": "2026-04-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7270827",
"url": "https://www.ibm.com/support/pages/node/7270827"
},
{
"published_at": "2026-04-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7270869",
"url": "https://www.ibm.com/support/pages/node/7270869"
},
{
"published_at": "2026-04-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7270820",
"url": "https://www.ibm.com/support/pages/node/7270820"
},
{
"published_at": "2026-04-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7270845",
"url": "https://www.ibm.com/support/pages/node/7270845"
},
{
"published_at": "2026-04-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7270868",
"url": "https://www.ibm.com/support/pages/node/7270868"
},
{
"published_at": "2026-04-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7270775",
"url": "https://www.ibm.com/support/pages/node/7270775"
},
{
"published_at": "2026-04-24",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7270692",
"url": "https://www.ibm.com/support/pages/node/7270692"
}
]
}
CERTFR-2026-AVI-0479
Vulnerability from certfr_avis - Published: 2026-04-22 - Updated: 2026-04-22
De multiples vulnérabilités ont été découvertes dans les produits Atlassian. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Atlassian | Confluence | Confluence Data Center versions 10.x antérieures à 10.2.10 | ||
| Atlassian | Jira | Jira Service Management Data Center versions 11.x antérieures à 11.3.4 | ||
| Atlassian | Jira | Jira Software Server versions antérieures à 9.12.33 | ||
| Atlassian | Confluence | Confluence Data Center versions antérieures à 9.2.19 | ||
| Atlassian | Jira | Jira Software Data Center versions 10.x antérieures à 10.3.19 | ||
| Atlassian | Jira | Jira Software Data Center versions antérieures à 9.12.34 | ||
| Atlassian | Jira | Jira Service Management Data Center versions antérieures à 10.3.19 | ||
| Atlassian | Jira | Jira Service Management Server versions antérieures à 10.3.13 | ||
| Atlassian | Jira | Jira Software Server versions 10.x antérieures à 10.3.16 | ||
| Atlassian | Jira | Jira Software Data Center versions 11.x antérieures à 11.3.4 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Confluence Data Center versions 10.x ant\u00e9rieures \u00e0 10.2.10",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Service Management Data Center versions 11.x ant\u00e9rieures \u00e0 11.3.4",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Software Server versions ant\u00e9rieures \u00e0 9.12.33",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Confluence Data Center versions ant\u00e9rieures \u00e0 9.2.19",
"product": {
"name": "Confluence",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Software Data Center versions 10.x ant\u00e9rieures \u00e0 10.3.19",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Software Data Center versions ant\u00e9rieures \u00e0 9.12.34",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Service Management Data Center versions ant\u00e9rieures \u00e0 10.3.19",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Service Management Server versions ant\u00e9rieures \u00e0 10.3.13",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Software Server versions 10.x ant\u00e9rieures \u00e0 10.3.16",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
},
{
"description": "Jira Software Data Center versions 11.x ant\u00e9rieures \u00e0 11.3.4",
"product": {
"name": "Jira",
"vendor": {
"name": "Atlassian",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-33871",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33871"
},
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2021-0341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0341"
},
{
"name": "CVE-2023-48631",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48631"
},
{
"name": "CVE-2026-23745",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23745"
},
{
"name": "CVE-2026-33870",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33870"
},
{
"name": "CVE-2026-22029",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22029"
},
{
"name": "CVE-2023-3635",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3635"
},
{
"name": "CVE-2026-26960",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26960"
},
{
"name": "CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"name": "CVE-2021-31597",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31597"
},
{
"name": "CVE-2026-24842",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24842"
},
{
"name": "CVE-2026-23950",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23950"
},
{
"name": "CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"name": "CVE-2024-47875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47875"
},
{
"name": "CVE-2026-25639",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25639"
},
{
"name": "CVE-2025-66020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66020"
},
{
"name": "CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"name": "CVE-2026-29063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
},
{
"name": "CVE-2026-31802",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31802"
},
{
"name": "CVE-2026-25547",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25547"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
}
],
"initial_release_date": "2026-04-22T00:00:00",
"last_revision_date": "2026-04-22T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0479",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-04-22T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Atlassian. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Atlassian",
"vendor_advisories": [
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26754",
"url": "https://jira.atlassian.com/browse/JSWSERVER-26754"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16542",
"url": "https://jira.atlassian.com/browse/JSDSERVER-16542"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26657",
"url": "https://jira.atlassian.com/browse/JSWSERVER-26657"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16551",
"url": "https://jira.atlassian.com/browse/JSDSERVER-16551"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26764",
"url": "https://jira.atlassian.com/browse/JSWSERVER-26764"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-103476",
"url": "https://jira.atlassian.com/browse/CONFSERVER-103476"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-103467",
"url": "https://jira.atlassian.com/browse/CONFSERVER-103467"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-103471",
"url": "https://jira.atlassian.com/browse/CONFSERVER-103471"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-103469",
"url": "https://jira.atlassian.com/browse/CONFSERVER-103469"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-103475",
"url": "https://jira.atlassian.com/browse/CONFSERVER-103475"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16544",
"url": "https://jira.atlassian.com/browse/JSDSERVER-16544"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-103470",
"url": "https://jira.atlassian.com/browse/CONFSERVER-103470"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-103472",
"url": "https://jira.atlassian.com/browse/CONFSERVER-103472"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-103612",
"url": "https://jira.atlassian.com/browse/CONFSERVER-103612"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-103539",
"url": "https://jira.atlassian.com/browse/CONFSERVER-103539"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-103474",
"url": "https://jira.atlassian.com/browse/CONFSERVER-103474"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26666",
"url": "https://jira.atlassian.com/browse/JSWSERVER-26666"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16557",
"url": "https://jira.atlassian.com/browse/JSDSERVER-16557"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-103517",
"url": "https://jira.atlassian.com/browse/CONFSERVER-103517"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16550",
"url": "https://jira.atlassian.com/browse/JSDSERVER-16550"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16540",
"url": "https://jira.atlassian.com/browse/JSDSERVER-16540"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26765",
"url": "https://jira.atlassian.com/browse/JSWSERVER-26765"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26763",
"url": "https://jira.atlassian.com/browse/JSWSERVER-26763"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26760",
"url": "https://jira.atlassian.com/browse/JSWSERVER-26760"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16552",
"url": "https://jira.atlassian.com/browse/JSDSERVER-16552"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16556",
"url": "https://jira.atlassian.com/browse/JSDSERVER-16556"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-102567",
"url": "https://jira.atlassian.com/browse/CONFSERVER-102567"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-103473",
"url": "https://jira.atlassian.com/browse/CONFSERVER-103473"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-103516",
"url": "https://jira.atlassian.com/browse/CONFSERVER-103516"
},
{
"published_at": "2026-04-21",
"title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-103518",
"url": "https://jira.atlassian.com/browse/CONFSERVER-103518"
}
]
}
CERTFR-2026-AVI-0224
Vulnerability from certfr_avis - Published: 2026-02-27 - Updated: 2026-02-27
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
IBM indique les versions correctives 9.0.5.27 et 26.0.0.3 pour WebSphere Application Server seront disponibles au cours du premier trimestre 2026. La version 8.5.5.30 sera disponible au troisième trimestre 2026.
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | WebSphere | WebSphere Application Server versions 8.x antérieures à 8.5.5.30 | ||
| IBM | WebSphere | WebSphere Application Server - Liberty versions antérieures à 26.0.0.3 | ||
| IBM | QRadar Assistant | QRadar AI Assistant versions antérieures à 1.3.1 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.1.x antérieures à 6.1.0.3 GA | ||
| IBM | QRadar | QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP14 IF05 | ||
| IBM | Sterling | Sterling Transformation Extender sans l'application des mesures de contournement décrites par l'éditeur | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.2.1.x antérieures à 6.2.1.1 GA | ||
| IBM | Db2 | Db2 mirror pour i sans les derniers correctifs de sécurité | ||
| IBM | WebSphere | WebSphere Application Server versions 9.x antérieures à 9.0.5.27 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.2.x antérieures à 6.2.0.3 GA | ||
| IBM | Cognos Command Center | Cognos Command Center versions antérieures à 10.2.5 FP1 IF3 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "WebSphere Application Server versions 8.x ant\u00e9rieures \u00e0 8.5.5.30",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server - Liberty versions ant\u00e9rieures \u00e0 26.0.0.3",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar AI Assistant versions ant\u00e9rieures \u00e0 1.3.1",
"product": {
"name": "QRadar Assistant",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.3 GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP14 IF05",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Transformation Extender sans l\u0027application des mesures de contournement d\u00e9crites par l\u0027\u00e9diteur",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.2.1.x ant\u00e9rieures \u00e0 6.2.1.1 GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 mirror pour i sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server versions 9.x ant\u00e9rieures \u00e0 9.0.5.27",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.3 GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Command Center versions ant\u00e9rieures \u00e0 10.2.5 FP1 IF3",
"product": {
"name": "Cognos Command Center",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "IBM indique les versions correctives 9.0.5.27 et 26.0.0.3 pour WebSphere Application Server seront disponibles au cours du premier trimestre 2026. La version 8.5.5.30 sera disponible au troisi\u00e8me trimestre 2026.",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-21933",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
},
{
"name": "CVE-2026-21932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
},
{
"name": "CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"name": "CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"name": "CVE-2025-65106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65106"
},
{
"name": "CVE-2026-22610",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22610"
},
{
"name": "CVE-2025-66412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66412"
},
{
"name": "CVE-2025-40240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40240"
},
{
"name": "CVE-2025-69223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69223"
},
{
"name": "CVE-2025-66035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66035"
},
{
"name": "CVE-2025-68664",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68664"
},
{
"name": "CVE-2026-22701",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22701"
},
{
"name": "CVE-2026-23745",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23745"
},
{
"name": "CVE-2026-22690",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22690"
},
{
"name": "CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"name": "CVE-2025-69230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69230"
},
{
"name": "CVE-2025-66019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66019"
},
{
"name": "CVE-2026-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
},
{
"name": "CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"name": "CVE-2025-69225",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69225"
},
{
"name": "CVE-2026-21860",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21860"
},
{
"name": "CVE-2025-40277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40277"
},
{
"name": "CVE-2023-53673",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53673"
},
{
"name": "CVE-2026-1615",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1615"
},
{
"name": "CVE-2025-69227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69227"
},
{
"name": "CVE-2026-1188",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1188"
},
{
"name": "CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"name": "CVE-2025-68146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68146"
},
{
"name": "CVE-2025-66030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66030"
},
{
"name": "CVE-2025-61140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61140"
},
{
"name": "CVE-2025-66221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66221"
},
{
"name": "CVE-2025-69228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69228"
},
{
"name": "CVE-2025-39993",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39993"
},
{
"name": "CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"name": "CVE-2025-40154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40154"
},
{
"name": "CVE-2025-13601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13601"
},
{
"name": "CVE-2025-69226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69226"
},
{
"name": "CVE-2026-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
},
{
"name": "CVE-2025-40248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40248"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-69224",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69224"
},
{
"name": "CVE-2025-64756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64756"
},
{
"name": "CVE-2025-69229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69229"
},
{
"name": "CVE-2025-68480",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68480"
},
{
"name": "CVE-2025-14847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14847"
},
{
"name": "CVE-2025-68285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68285"
},
{
"name": "CVE-2025-68615",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68615"
},
{
"name": "CVE-2026-22691",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22691"
},
{
"name": "CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
}
],
"initial_release_date": "2026-02-27T00:00:00",
"last_revision_date": "2026-02-27T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0224",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-02-27T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2026-02-26",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7261959",
"url": "https://www.ibm.com/support/pages/node/7261959"
},
{
"published_at": "2026-02-25",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7261794",
"url": "https://www.ibm.com/support/pages/node/7261794"
},
{
"published_at": "2026-02-25",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7261890",
"url": "https://www.ibm.com/support/pages/node/7261890"
},
{
"published_at": "2026-02-25",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7261887",
"url": "https://www.ibm.com/support/pages/node/7261887"
},
{
"published_at": "2026-02-26",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7261935",
"url": "https://www.ibm.com/support/pages/node/7261935"
},
{
"published_at": "2026-02-20",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7261436",
"url": "https://www.ibm.com/support/pages/node/7261436"
},
{
"published_at": "2026-02-25",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7261774",
"url": "https://www.ibm.com/support/pages/node/7261774"
}
]
}
CERTFR-2026-AVI-0327
Vulnerability from certfr_avis - Published: 2026-03-20 - Updated: 2026-03-20
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling B2B Integrator | Sterling B2B Integrator et Sterling File Gateway versions 6.1.x antérieures à 6.1.2.8 | ||
| IBM | Sterling | Sterling Control Center versions 6.4.2.x antérieures à 6.4.2.0 iFix01 | ||
| IBM | Sterling B2B Integrator | Sterling B2B Integrator et Sterling File Gateway versions 6.2.2.x antérieures à 6.2.2.0_1 | ||
| IBM | Informix Dynamic Server | Informix Dynamic Server versions 12.10.x antérieures à 12.10.xC16W6 | ||
| IBM | WebSphere | WebSphere Hybrid Edition version 5.1 sans les correctifs de sécurité PH69757 et PH69729 | ||
| IBM | Sterling B2B Integrator | Sterling B2B Integrator et Sterling File Gateway versions 6.2.x antérieures à 6.2.0.5_2 | ||
| IBM | QRadar SIEM | QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP15 | ||
| IBM | QRadar Suite Software | QRadar Suite Software versions 1.10.12.x antérieures à 1.11.9.0 | ||
| IBM | Sterling | Sterling Control Center versions 6.3.1.x antérieures à 6.3.1.0 iFix07 | ||
| IBM | Cloud Pak | Cloud Pak for Security versions 1.10.x antérieures à 1.11.9.0 | ||
| IBM | Sterling | Sterling Control Center versions 6.4.1.x antérieures à 6.4.1.0 iFix01 | ||
| IBM | Sterling B2B Integrator | Sterling B2B Integrator et Sterling File Gateway versions 6.2.1.x antérieures à 6.2.1.1_2 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sterling B2B Integrator et Sterling File Gateway versions 6.1.x ant\u00e9rieures \u00e0 6.1.2.8",
"product": {
"name": "Sterling B2B Integrator",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Control Center versions 6.4.2.x ant\u00e9rieures \u00e0 6.4.2.0 iFix01",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling B2B Integrator et Sterling File Gateway versions 6.2.2.x ant\u00e9rieures \u00e0 6.2.2.0_1",
"product": {
"name": "Sterling B2B Integrator",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Informix Dynamic Server versions 12.10.x ant\u00e9rieures \u00e0 12.10.xC16W6",
"product": {
"name": "Informix Dynamic Server",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Hybrid Edition version 5.1 sans les correctifs de s\u00e9curit\u00e9 PH69757 et PH69729",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling B2B Integrator et Sterling File Gateway versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.5_2",
"product": {
"name": "Sterling B2B Integrator",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP15",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Suite Software versions 1.10.12.x ant\u00e9rieures \u00e0 1.11.9.0",
"product": {
"name": "QRadar Suite Software",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Control Center versions 6.3.1.x ant\u00e9rieures \u00e0 6.3.1.0 iFix07",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cloud Pak for Security versions 1.10.x ant\u00e9rieures \u00e0 1.11.9.0",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Control Center versions 6.4.1.x ant\u00e9rieures \u00e0 6.4.1.0 iFix01",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling B2B Integrator et Sterling File Gateway versions 6.2.1.x ant\u00e9rieures \u00e0 6.2.1.1_2",
"product": {
"name": "Sterling B2B Integrator",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-32996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32996"
},
{
"name": "CVE-2025-62727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62727"
},
{
"name": "CVE-2026-21933",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
},
{
"name": "CVE-2026-21932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
},
{
"name": "CVE-2025-68349",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68349"
},
{
"name": "CVE-2025-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9287"
},
{
"name": "CVE-2025-14242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14242"
},
{
"name": "CVE-2024-47831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47831"
},
{
"name": "CVE-2025-32421",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32421"
},
{
"name": "CVE-2025-12084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
},
{
"name": "CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"name": "CVE-2025-6176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6176"
},
{
"name": "CVE-2024-51479",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51479"
},
{
"name": "CVE-2025-15367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15367"
},
{
"name": "CVE-2025-39933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39933"
},
{
"name": "CVE-2025-22150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22150"
},
{
"name": "CVE-2022-46337",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46337"
},
{
"name": "CVE-2025-38022",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38022"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2025-40322",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40322"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2025-40271",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40271"
},
{
"name": "CVE-2024-11831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11831"
},
{
"name": "CVE-2026-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
},
{
"name": "CVE-2022-50673",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50673"
},
{
"name": "CVE-2025-38024",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38024"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2025-6545",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6545"
},
{
"name": "CVE-2025-40269",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40269"
},
{
"name": "CVE-2025-55173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55173"
},
{
"name": "CVE-2025-4897",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4897"
},
{
"name": "CVE-2025-48068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48068"
},
{
"name": "CVE-2025-27152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27152"
},
{
"name": "CVE-2025-57752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57752"
},
{
"name": "CVE-2025-32997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32997"
},
{
"name": "CVE-2026-1188",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1188"
},
{
"name": "CVE-2023-53552",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53552"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"name": "CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"name": "CVE-2025-57350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57350"
},
{
"name": "CVE-2025-66453",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66453"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2025-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15366"
},
{
"name": "CVE-2026-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0865"
},
{
"name": "CVE-2025-40158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40158"
},
{
"name": "CVE-2025-58457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58457"
},
{
"name": "CVE-2025-48913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48913"
},
{
"name": "CVE-2025-59250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59250"
},
{
"name": "CVE-2025-14104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14104"
},
{
"name": "CVE-2024-52798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52798"
},
{
"name": "CVE-2025-64775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64775"
},
{
"name": "CVE-2025-39760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39760"
},
{
"name": "CVE-2025-40135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40135"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2020-7660",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7660"
},
{
"name": "CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2025-14031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14031"
},
{
"name": "CVE-2025-23184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23184"
},
{
"name": "CVE-2025-38415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
},
{
"name": "CVE-2022-50865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50865"
},
{
"name": "CVE-2025-29927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29927"
},
{
"name": "CVE-2025-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27533"
},
{
"name": "CVE-2023-44483",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44483"
},
{
"name": "CVE-2026-1299",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1299"
},
{
"name": "CVE-2025-40170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40170"
},
{
"name": "CVE-2026-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
},
{
"name": "CVE-2026-1264",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1264"
},
{
"name": "CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-66675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66675"
},
{
"name": "CVE-2025-68301",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68301"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2026-22998",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22998"
},
{
"name": "CVE-2025-40258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40258"
},
{
"name": "CVE-2025-6547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6547"
},
{
"name": "CVE-2025-40096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40096"
},
{
"name": "CVE-2025-57352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57352"
},
{
"name": "CVE-2024-26766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26766"
},
{
"name": "CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
}
],
"initial_release_date": "2026-03-20T00:00:00",
"last_revision_date": "2026-03-20T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0327",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-03-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2026-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7266518",
"url": "https://www.ibm.com/support/pages/node/7266518"
},
{
"published_at": "2026-03-13",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7263574",
"url": "https://www.ibm.com/support/pages/node/7263574"
},
{
"published_at": "2026-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7266520",
"url": "https://www.ibm.com/support/pages/node/7266520"
},
{
"published_at": "2026-03-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7266678",
"url": "https://www.ibm.com/support/pages/node/7266678"
},
{
"published_at": "2026-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7266497",
"url": "https://www.ibm.com/support/pages/node/7266497"
},
{
"published_at": "2026-03-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7266324",
"url": "https://www.ibm.com/support/pages/node/7266324"
},
{
"published_at": "2026-03-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7266711",
"url": "https://www.ibm.com/support/pages/node/7266711"
},
{
"published_at": "2026-03-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7266677",
"url": "https://www.ibm.com/support/pages/node/7266677"
},
{
"published_at": "2026-03-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7266399",
"url": "https://www.ibm.com/support/pages/node/7266399"
},
{
"published_at": "2026-03-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7266321",
"url": "https://www.ibm.com/support/pages/node/7266321"
}
]
}
CERTFR-2026-AVI-0372
Vulnerability from certfr_avis - Published: 2026-03-27 - Updated: 2026-03-27
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
L'éditeur indique que les versions correctives suivantes seront mises à disposition ultérieurement : - WebSphere Application Server - Liberty 26.0.0.4 (deuxième trimestre 2026)
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | WebSphere | WebSphere Remote Server versions 9.1, 9.0 et 8.5 sans le dernier correctif de sécurité | ||
| IBM | WebSphere | WebSphere Application Server - Liberty sans le correctif APAR PH70510 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct pour UNIX versions 6.4.x antérieures à 6.4.0.5 | ||
| IBM | WebSphere | WebSphere eXtreme Scale versions 8.6.1.x antérieures à 8.6.1.6 sans le correctif APAR PH70422 | ||
| IBM | Security QRadar Log Management AQL | greffon Security QRadar Log Management AQL versions 1.x antérieures à 1.1.4 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct pour UNIX versions 6.3.x antérieures à 6.3.0.7 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct FTP+ versions 1.3.0.x antérieures à 1.3.0.4 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "WebSphere Remote Server versions 9.1, 9.0 et 8.5 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server - Liberty sans le correctif APAR PH70510",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct pour UNIX versions 6.4.x ant\u00e9rieures \u00e0 6.4.0.5",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere eXtreme Scale versions 8.6.1.x ant\u00e9rieures \u00e0 8.6.1.6 sans le correctif APAR PH70422",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "greffon Security QRadar Log Management AQL versions 1.x ant\u00e9rieures \u00e0 1.1.4",
"product": {
"name": "Security QRadar Log Management AQL",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct pour UNIX versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.7",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct FTP+ versions 1.3.0.x ant\u00e9rieures \u00e0 1.3.0.4",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "L\u0027\u00e9diteur indique que les versions correctives suivantes seront mises \u00e0 disposition ult\u00e9rieurement : \n- WebSphere Application Server - Liberty 26.0.0.4 (deuxi\u00e8me trimestre 2026)",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-21933",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
},
{
"name": "CVE-2026-21932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
},
{
"name": "CVE-2026-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2026-1188",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1188"
},
{
"name": "CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"name": "CVE-2026-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
},
{
"name": "CVE-2026-29063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
}
],
"initial_release_date": "2026-03-27T00:00:00",
"last_revision_date": "2026-03-27T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0372",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-03-27T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2026-03-25",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7267514",
"url": "https://www.ibm.com/support/pages/node/7267514"
},
{
"published_at": "2026-03-24",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7267346",
"url": "https://www.ibm.com/support/pages/node/7267346"
},
{
"published_at": "2026-03-24",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7267392",
"url": "https://www.ibm.com/support/pages/node/7267392"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7267689",
"url": "https://www.ibm.com/support/pages/node/7267689"
},
{
"published_at": "2026-03-24",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7267351",
"url": "https://www.ibm.com/support/pages/node/7267351"
},
{
"published_at": "2026-03-20",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7267058",
"url": "https://www.ibm.com/support/pages/node/7267058"
}
]
}
CERTFR-2026-AVI-0281
Vulnerability from certfr_avis - Published: 2026-03-12 - Updated: 2026-03-12
De multiples vulnérabilités ont été découvertes dans les produits Splunk. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Splunk | Splunk AppDynamics Private Synthetic Agent | Splunk AppDynamics Private Synthetic Agent versions 26.1.x antérieures à 26.1.0 | ||
| Splunk | Splunk AppDynamics On-Premises Enterprise Console | Splunk AppDynamics On-Premises Enterprise Console versions 26.1.x antérieures à 26.1.1 | ||
| Splunk | Splunk AppDynamics Database Agent | Splunk AppDynamics Database Agent versions 26.1.x antérieures à 26.1.0 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 10.0.2503 antérieures à 10.0.2503.12 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 9.3.2411 antérieures à 9.3.2411.124 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 9.4.x antérieures à 9.4.9 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 10.2.x antérieures à 10.2.1 | ||
| Splunk | Splunk AppDynamics NodeJS Agent | Splunk AppDynamics NodeJS Agent versions 25.12.x antérieures à 25.12.1 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 10.0.x antérieures à 10.0.4 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 9.3.x antérieures à 9.3.10 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 10.1.2507 antérieures à 10.1.2507.17 | ||
| Splunk | Splunk AppDynamics Java Agent | Splunk AppDynamics Java Agent versions 26.1.x antérieures à 26.1.0 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 10.2.2510 antérieures à 10.2.2510.7 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Splunk AppDynamics Private Synthetic Agent versions 26.1.x ant\u00e9rieures \u00e0 26.1.0",
"product": {
"name": "Splunk AppDynamics Private Synthetic Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics On-Premises Enterprise Console versions 26.1.x ant\u00e9rieures \u00e0 26.1.1",
"product": {
"name": "Splunk AppDynamics On-Premises Enterprise Console",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Database Agent versions 26.1.x ant\u00e9rieures \u00e0 26.1.0",
"product": {
"name": "Splunk AppDynamics Database Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 10.0.2503 ant\u00e9rieures \u00e0 10.0.2503.12",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 9.3.2411 ant\u00e9rieures \u00e0 9.3.2411.124",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise versions 9.4.x ant\u00e9rieures \u00e0 9.4.9",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise versions 10.2.x ant\u00e9rieures \u00e0 10.2.1",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics NodeJS Agent versions 25.12.x ant\u00e9rieures \u00e0 25.12.1",
"product": {
"name": "Splunk AppDynamics NodeJS Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise versions 10.0.x ant\u00e9rieures \u00e0 10.0.4",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise versions 9.3.x ant\u00e9rieures \u00e0 9.3.10",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 10.1.2507 ant\u00e9rieures \u00e0 10.1.2507.17",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Java Agent versions 26.1.x ant\u00e9rieures \u00e0 26.1.0",
"product": {
"name": "Splunk AppDynamics Java Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 10.2.2510 ant\u00e9rieures \u00e0 10.2.2510.7",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2018-16864",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16864"
},
{
"name": "CVE-2025-48073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48073"
},
{
"name": "CVE-2025-31651",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
},
{
"name": "CVE-2025-11219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11219"
},
{
"name": "CVE-2026-21933",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
},
{
"name": "CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"name": "CVE-2026-21932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
},
{
"name": "CVE-2025-66199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66199"
},
{
"name": "CVE-2025-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53042"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-1594",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1594"
},
{
"name": "CVE-2025-3887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3887"
},
{
"name": "CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"name": "CVE-2025-4574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4574"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2025-14087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14087"
},
{
"name": "CVE-2025-12433",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12433"
},
{
"name": "CVE-2025-12444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12444"
},
{
"name": "CVE-2023-33201",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33201"
},
{
"name": "CVE-2024-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38286"
},
{
"name": "CVE-2025-11213",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11213"
},
{
"name": "CVE-2025-8556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-12036",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12036"
},
{
"name": "CVE-2012-0871",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0871"
},
{
"name": "CVE-2025-4056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4056"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-53062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53062"
},
{
"name": "CVE-2025-0518",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0518"
},
{
"name": "CVE-2025-69223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69223"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2025-12084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
},
{
"name": "CVE-2018-15688",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15688"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2025-12438",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12438"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-26464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26464"
},
{
"name": "CVE-2025-69419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69419"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2025-12435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12435"
},
{
"name": "CVE-2025-6075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6075"
},
{
"name": "CVE-2013-4394",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4394"
},
{
"name": "CVE-2019-20386",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20386"
},
{
"name": "CVE-2025-64183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64183"
},
{
"name": "CVE-2025-13226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13226"
},
{
"name": "CVE-2025-58185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58185"
},
{
"name": "CVE-2025-47808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47808"
},
{
"name": "CVE-2021-46877",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46877"
},
{
"name": "CVE-2026-2391",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2391"
},
{
"name": "CVE-2017-18078",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18078"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"name": "CVE-2019-17571",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
},
{
"name": "CVE-2025-11207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11207"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2025-13223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13223"
},
{
"name": "CVE-2025-12431",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12431"
},
{
"name": "CVE-2026-23745",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23745"
},
{
"name": "CVE-2025-15467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
},
{
"name": "CVE-2024-58251",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58251"
},
{
"name": "CVE-2025-9820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9820"
},
{
"name": "CVE-2024-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7246"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2026-21226",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21226"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-33202",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33202"
},
{
"name": "CVE-2025-12726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12726"
},
{
"name": "CVE-2025-12445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12445"
},
{
"name": "CVE-2025-12437",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12437"
},
{
"name": "CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"name": "CVE-2025-69230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69230"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-14512",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14512"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2026-22795",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22795"
},
{
"name": "CVE-2026-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
},
{
"name": "CVE-2025-0716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0716"
},
{
"name": "CVE-2025-64718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64718"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-12434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12434"
},
{
"name": "CVE-2025-69225",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69225"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-12439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12439"
},
{
"name": "CVE-2018-16865",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16865"
},
{
"name": "CVE-2025-14874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14874"
},
{
"name": "CVE-2020-17521",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17521"
},
{
"name": "CVE-2024-54677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54677"
},
{
"name": "CVE-2025-48072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48072"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2025-12432",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12432"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2025-10966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10966"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2026-20165",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20165"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-22919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22919"
},
{
"name": "CVE-2024-23672",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23672"
},
{
"name": "CVE-2025-69227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69227"
},
{
"name": "CVE-2021-33910",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33910"
},
{
"name": "CVE-2025-69421",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69421"
},
{
"name": "CVE-2025-58188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-12443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12443"
},
{
"name": "CVE-2025-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2023-6602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6602"
},
{
"name": "CVE-2025-11215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11215"
},
{
"name": "CVE-2013-4393",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4393"
},
{
"name": "CVE-2019-3842",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3842"
},
{
"name": "CVE-2025-11205",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11205"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-12725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12725"
},
{
"name": "CVE-2022-23305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23305"
},
{
"name": "CVE-2025-11208",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11208"
},
{
"name": "CVE-2025-68161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68161"
},
{
"name": "CVE-2024-8372",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8372"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2024-56337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
},
{
"name": "CVE-2025-3360",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3360"
},
{
"name": "CVE-2026-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22796"
},
{
"name": "CVE-2025-11756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11756"
},
{
"name": "CVE-2025-59730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59730"
},
{
"name": "CVE-2025-61724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61724"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2020-13776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13776"
},
{
"name": "CVE-2025-13033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13033"
},
{
"name": "CVE-2022-23307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23307"
},
{
"name": "CVE-2025-61723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-11212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11212"
},
{
"name": "CVE-2025-12495",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12495"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-46394",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46394"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2025-12840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12840"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2025-61725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-11458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11458"
},
{
"name": "CVE-2020-1712",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1712"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-12429",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12429"
},
{
"name": "CVE-2026-20164",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20164"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2026-24842",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24842"
},
{
"name": "CVE-2025-11211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11211"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-53069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53069"
},
{
"name": "CVE-2026-23950",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23950"
},
{
"name": "CVE-2023-26118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26118"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-69228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69228"
},
{
"name": "CVE-2025-59250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59250"
},
{
"name": "CVE-2025-14104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14104"
},
{
"name": "CVE-2025-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53044"
},
{
"name": "CVE-2025-47807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47807"
},
{
"name": "CVE-2025-47806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47806"
},
{
"name": "CVE-2025-47912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47912"
},
{
"name": "CVE-2025-64182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64182"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"name": "CVE-2023-6604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6604"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-68160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68160"
},
{
"name": "CVE-2022-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
},
{
"name": "CVE-2017-9217",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9217"
},
{
"name": "CVE-2025-60753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60753"
},
{
"name": "CVE-2025-64181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64181"
},
{
"name": "CVE-2025-67735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-67735"
},
{
"name": "CVE-2025-12436",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12436"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2025-13230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13230"
},
{
"name": "CVE-2013-4327",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4327"
},
{
"name": "CVE-2025-58186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58186"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-12446",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12446"
},
{
"name": "CVE-2025-13228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13228"
},
{
"name": "CVE-2013-4391",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4391"
},
{
"name": "CVE-2026-20166",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20166"
},
{
"name": "CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"name": "CVE-2025-12441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12441"
},
{
"name": "CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"name": "CVE-2025-47183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47183"
},
{
"name": "CVE-2025-13601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13601"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2023-6601",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6601"
},
{
"name": "CVE-2018-16888",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16888"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-69226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69226"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2025-13224",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13224"
},
{
"name": "CVE-2025-13042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13042"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2025-11460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11460"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2025-47913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
},
{
"name": "CVE-2025-13229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13229"
},
{
"name": "CVE-2024-24549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24549"
},
{
"name": "CVE-2025-12440",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12440"
},
{
"name": "CVE-2025-58181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58181"
},
{
"name": "CVE-2025-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53054"
},
{
"name": "CVE-2025-11216",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11216"
},
{
"name": "CVE-2025-47914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47914"
},
{
"name": "CVE-2018-1049",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1049"
},
{
"name": "CVE-2025-69418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69418"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-15468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15468"
},
{
"name": "CVE-2025-58189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58189"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2025-11210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11210"
},
{
"name": "CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"name": "CVE-2026-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
},
{
"name": "CVE-2022-31159",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31159"
},
{
"name": "CVE-2025-12729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12729"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-13227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13227"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2025-10256",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10256"
},
{
"name": "CVE-2026-20162",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20162"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-12839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12839"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-37727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37727"
},
{
"name": "CVE-2025-53040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53040"
},
{
"name": "CVE-2019-3844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3844"
},
{
"name": "CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"name": "CVE-2025-12728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12728"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2023-6605",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6605"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2022-23302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23302"
},
{
"name": "CVE-2025-12430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12430"
},
{
"name": "CVE-2025-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11187"
},
{
"name": "CVE-2025-11206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11206"
},
{
"name": "CVE-2025-62408",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62408"
},
{
"name": "CVE-2018-15686",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15686"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2025-9951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9951"
},
{
"name": "CVE-2025-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53045"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2025-59729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59729"
},
{
"name": "CVE-2025-48071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48071"
},
{
"name": "CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2023-26604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26604"
},
{
"name": "CVE-2025-69224",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69224"
},
{
"name": "CVE-2025-2759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2759"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-53053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53053"
},
{
"name": "CVE-2025-30153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30153"
},
{
"name": "CVE-2025-59419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59419"
},
{
"name": "CVE-2025-69229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69229"
},
{
"name": "CVE-2024-8373",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8373"
},
{
"name": "CVE-2025-11209",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11209"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2024-21490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21490"
},
{
"name": "CVE-2024-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
},
{
"name": "CVE-2023-49501",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49501"
},
{
"name": "CVE-2019-3843",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3843"
},
{
"name": "CVE-2018-6954",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6954"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2026-26981",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26981"
},
{
"name": "CVE-2025-12447",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12447"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2013-4392",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4392"
},
{
"name": "CVE-2025-48074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48074"
},
{
"name": "CVE-2024-52316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52316"
},
{
"name": "CVE-2016-7795",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7795"
},
{
"name": "CVE-2025-12727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12727"
},
{
"name": "CVE-2025-69420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69420"
},
{
"name": "CVE-2025-12428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12428"
},
{
"name": "CVE-2026-20163",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20163"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
}
],
"initial_release_date": "2026-03-12T00:00:00",
"last_revision_date": "2026-03-12T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0281",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-03-12T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Splunk. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une injection de code indirecte \u00e0 distance (XSS).",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Splunk",
"vendor_advisories": [
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0302",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0302"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0311",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0311"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0308",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0308"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0309",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0309"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0305",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0305"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0310",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0310"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0304",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0304"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0301",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0301"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0313",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0313"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0306",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0306"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0303",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0303"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0307",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0307"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0312",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0312"
}
]
}
BDU:2026-01020
Vulnerability from fstec - Published: 05.03.2024
VLAI Severity ?
Title
Уязвимость JWT-библиотеки Jose4j, связанная с неправильной защитой токенов безопасности, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость JWT-библиотеки Jose4j связана с неправильной защитой токенов безопасности. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании
Severity ?
Vendor
Red Hat Inc., Fedora Project, ООО «Ред Софт», Сообщество свободного программного обеспечения
Software Name
OpenShift Developer Tools and Services, OpenShift Serverless, Red Hat build of Apicurio Registry, Fedora, РЕД ОС (запись в едином реестре российских программ №3751), apache-kafka, Jose4j
Software Version
- (OpenShift Developer Tools and Services), - (OpenShift Serverless), 2 (Red Hat build of Apicurio Registry), 42 (Fedora), 43 (Fedora), 8.0 (РЕД ОС), до 4.1.1 (apache-kafka), До 0.9.6 (Jose4j), 3 (Red Hat build of Apicurio Registry)
Possible Mitigations
В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года.
Использование рекомендаций:
Для Jose4j:
Обновление программного обеспечения до версий 0.9.6:
https://bitbucket.org/b_c/jose4j/commits/19a90a64c47b
Для программных продуктов Red Hat Inc.:
https://access.redhat.com/security/cve/cve-2024-29371
Для Fedora:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2024-29371
Для Ред ОС:
http://repo.red-soft.ru/redos/8.0/x86_64/updates/
Reference
https://bitbucket.org/b_c/jose4j/commits/19a90a64c47bb07c4aa5462f1316d5c293d81fcf
https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack
https://bitbucket.org/b_c/jose4j/commits/19a90a64c47b
https://bitbucket.org/b_c/jose4j/wiki/Home
https://redos.red-soft.ru/support/secure/
https://access.redhat.com/security/cve/cve-2024-29371
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2024-29371
CWE
CWE-1259
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Red Hat Inc., Fedora Project, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "- (OpenShift Developer Tools and Services), - (OpenShift Serverless), 2 (Red Hat build of Apicurio Registry), 42 (Fedora), 43 (Fedora), 8.0 (\u0420\u0415\u0414 \u041e\u0421), \u0434\u043e 4.1.1 (apache-kafka), \u0414\u043e 0.9.6 (Jose4j), 3 (Red Hat build of Apicurio Registry)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Jose4j:\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0439 0.9.6:\n\nhttps://bitbucket.org/b_c/jose4j/commits/19a90a64c47b\n\n\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\n\nhttps://access.redhat.com/security/cve/cve-2024-29371\n\n\n\n\u0414\u043b\u044f Fedora:\n\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2024-29371\n\n\n\n\u0414\u043b\u044f \u0420\u0435\u0434 \u041e\u0421:\n\nhttp://repo.red-soft.ru/redos/8.0/x86_64/updates/",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "05.03.2024",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "30.01.2026",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "30.01.2026",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2026-01020",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-29371",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "OpenShift Developer Tools and Services, OpenShift Serverless, Red Hat build of Apicurio Registry, Fedora, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), apache-kafka, Jose4j",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Fedora Project Fedora 42 , Fedora Project Fedora 43 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 8.0 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c JWT-\u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 Jose4j, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u0449\u0438\u0442\u043e\u0439 \u0442\u043e\u043a\u0435\u043d\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u0442\u043e\u043a\u0435\u043d\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (CWE-1259)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c JWT-\u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 Jose4j \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u0449\u0438\u0442\u043e\u0439 \u0442\u043e\u043a\u0435\u043d\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://bitbucket.org/b_c/jose4j/commits/19a90a64c47bb07c4aa5462f1316d5c293d81fcf\n\nhttps://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack\n\nhttps://bitbucket.org/b_c/jose4j/commits/19a90a64c47b\n\nhttps://bitbucket.org/b_c/jose4j/wiki/Home\n\nhttps://redos.red-soft.ru/support/secure/\n\nhttps://access.redhat.com/security/cve/cve-2024-29371\n\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2024-29371",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-1259",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}
RHSA-2026:10206
Vulnerability from csaf_redhat - Published: 2026-04-23 17:15 - Updated: 2026-05-05 03:16Summary
Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.19 security update.
Severity
Important
Notes
Topic: An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.19.
Details: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.19 security update.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.
7.5 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.19 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10206
A flaw was found in Jenkins. This vulnerability, identified as a stored cross-site scripting (XSS) issue, occurs because Jenkins does not properly escape the user-provided description for the "Mark temporarily offline" cause. An attacker with Agent/Configure or Agent/Disconnect permissions can exploit this to inject malicious scripts, leading to potential information disclosure or unauthorized actions within the user's browser.
4.6 (Medium)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.19 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10206
A flaw was found in Jenkins. An attacker with Item/Build and Item/Configure permissions can exploit this vulnerability by submitting Run Parameter values that refer to builds they do not have authorization to access. This allows the attacker to obtain sensitive information, including the existence of jobs, the existence of builds, and the display names of specific builds. This is an information disclosure vulnerability.
4.3 (Medium)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.19 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10206
A flaw was found in Jenkins. This vulnerability allows attackers with Item/Configure permission, or those who can control agent processes, to exploit unsafe handling of symbolic links during the extraction of .tar and .tar.gz archives. By crafting malicious archives, an attacker can write files to arbitrary locations on the filesystem. This could enable the deployment of malicious scripts or plugins on the Jenkins controller, potentially leading to unauthorized code execution.
8.8 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.19 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10206
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.19.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.19 security update.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:10206",
"url": "https://access.redhat.com/errata/RHSA-2026:10206"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-29371",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27099",
"url": "https://access.redhat.com/security/cve/CVE-2026-27099"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27100",
"url": "https://access.redhat.com/security/cve/CVE-2026-27100"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33001",
"url": "https://access.redhat.com/security/cve/CVE-2026-33001"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html/jenkins",
"url": "https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html/jenkins"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_10206.json"
}
],
"title": "Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.19 security update.",
"tracking": {
"current_release_date": "2026-05-05T03:16:32+00:00",
"generator": {
"date": "2026-05-05T03:16:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:10206",
"initial_release_date": "2026-04-23T17:15:37+00:00",
"revision_history": [
{
"date": "2026-04-23T17:15:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-23T17:15:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T03:16:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services 4.19",
"product": {
"name": "OpenShift Developer Tools and Services 4.19",
"product_id": "OpenShift Developer Tools and Services 4.19",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.19::el9"
}
}
}
],
"category": "product_family",
"name": "OpenShift Developer Tools and Services"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3A960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3A0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3A486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97?arch=arm64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3A1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4?arch=arm64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3Aa41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190?arch=ppc64le\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3Aab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454?arch=ppc64le\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3Acef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96?arch=s390x\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3Ab453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7?arch=s390x\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64 as a component of OpenShift Developer Tools and Services 4.19",
"product_id": "OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64 as a component of OpenShift Developer Tools and Services 4.19",
"product_id": "OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le as a component of OpenShift Developer Tools and Services 4.19",
"product_id": "OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x as a component of OpenShift Developer Tools and Services 4.19",
"product_id": "OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64 as a component of OpenShift Developer Tools and Services 4.19",
"product_id": "OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64 as a component of OpenShift Developer Tools and Services 4.19",
"product_id": "OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le as a component of OpenShift Developer Tools and Services 4.19",
"product_id": "OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x as a component of OpenShift Developer Tools and Services 4.19",
"product_id": "OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.19"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29371",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-17T16:01:18.173727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important as it can lead to a Denial of Service in applications that process untrusted JSON Web Encryption tokens. An attacker can craft a malicious JWE token with an exceptionally high compression ratio, causing excessive memory allocation and processing time during decompression in affected components like jose4j. This affects products such as Red Hat AMQ, Enterprise Application Platform (EAP 8.0.z, 8.1.z), Red Hat JBoss Fuse, JBoss Data Grid, OpenShift Developer Tools \u0026 Services, Red Hat build of Apache Camel, Red Hat Integration, Red Hat OpenShift Dev Spaces, Red Hat Process Automation Manager, Red Hat Single Sign-On (RH-SSO), Insights, cloud.redhat.com, and OpenShift Serverless.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "RHBZ#2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack",
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"release_date": "2025-12-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:15:37+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.19 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10206"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression"
},
{
"cve": "CVE-2026-27099",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-02-18T15:02:52.012661+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440638"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. This vulnerability, identified as a stored cross-site scripting (XSS) issue, occurs because Jenkins does not properly escape the user-provided description for the \"Mark temporarily offline\" cause. An attacker with Agent/Configure or Agent/Disconnect permissions can exploit this to inject malicious scripts, leading to potential information disclosure or unauthorized actions within the user\u0027s browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jenkins-ci.main/jenkins-core: Jenkins: Stored Cross-site Scripting (XSS) via unescaped user-provided offline cause description",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Jenkins allows authenticated attackers with Agent/Configure or Agent/Disconnect permissions to inject malicious scripts into the \"Mark temporarily offline\" cause description. This stored cross-site scripting (XSS) flaw can lead to information disclosure or unauthorized actions within a user\u0027s browser when viewing the affected description. Red Hat OpenShift Developer Tools \u0026 Services are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27099"
},
{
"category": "external",
"summary": "RHBZ#2440638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440638"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27099",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27099"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27099",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27099"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3669",
"url": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3669"
}
],
"release_date": "2026-02-18T14:17:43.911000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:15:37+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.19 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10206"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jenkins-ci.main/jenkins-core: Jenkins: Stored Cross-site Scripting (XSS) via unescaped user-provided offline cause description"
},
{
"cve": "CVE-2026-27100",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-02-18T15:02:47.032150+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440637"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. An attacker with Item/Build and Item/Configure permissions can exploit this vulnerability by submitting Run Parameter values that refer to builds they do not have authorization to access. This allows the attacker to obtain sensitive information, including the existence of jobs, the existence of builds, and the display names of specific builds. This is an information disclosure vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jenkins-ci.main/jenkins-core: Jenkins: Information disclosure via unauthorized access to build parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This information disclosure vulnerability in Jenkins allows an attacker with Item/Build and Item/Configure permissions to gain knowledge about the existence and display names of jobs and builds they are not authorized to access. This affects Jenkins instances in OpenShift Developer Tools \u0026 Services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27100"
},
{
"category": "external",
"summary": "RHBZ#2440637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27100",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27100"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27100",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27100"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3658",
"url": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3658"
}
],
"release_date": "2026-02-18T14:17:44.672000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:15:37+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.19 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10206"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jenkins-ci.main/jenkins-core: Jenkins: Information disclosure via unauthorized access to build parameters"
},
{
"cve": "CVE-2026-33001",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-03-18T16:02:14.310096+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448645"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. This vulnerability allows attackers with Item/Configure permission, or those who can control agent processes, to exploit unsafe handling of symbolic links during the extraction of .tar and .tar.gz archives. By crafting malicious archives, an attacker can write files to arbitrary locations on the filesystem. This could enable the deployment of malicious scripts or plugins on the Jenkins controller, potentially leading to unauthorized code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Jenkins: Arbitrary file write and potential code execution through crafted archives",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33001"
},
{
"category": "external",
"summary": "RHBZ#2448645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33001"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33001",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33001"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3657",
"url": "https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3657"
}
],
"release_date": "2026-03-18T15:15:23.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:15:37+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.19 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10206"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.19:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins: Jenkins: Arbitrary file write and potential code execution through crafted archives"
}
]
}
RHSA-2026:10214
Vulnerability from csaf_redhat - Published: 2026-04-23 17:30 - Updated: 2026-05-05 03:16Summary
Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.16 security update.
Severity
Important
Notes
Topic: An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.16.
Details: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.16 security update.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.
7.5 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.16 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10214
A flaw was found in Jenkins. This vulnerability, identified as a stored cross-site scripting (XSS) issue, occurs because Jenkins does not properly escape the user-provided description for the "Mark temporarily offline" cause. An attacker with Agent/Configure or Agent/Disconnect permissions can exploit this to inject malicious scripts, leading to potential information disclosure or unauthorized actions within the user's browser.
4.6 (Medium)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.16 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10214
A flaw was found in Jenkins. An attacker with Item/Build and Item/Configure permissions can exploit this vulnerability by submitting Run Parameter values that refer to builds they do not have authorization to access. This allows the attacker to obtain sensitive information, including the existence of jobs, the existence of builds, and the display names of specific builds. This is an information disclosure vulnerability.
4.3 (Medium)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.16 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10214
A flaw was found in Jenkins. This vulnerability allows attackers with Item/Configure permission, or those who can control agent processes, to exploit unsafe handling of symbolic links during the extraction of .tar and .tar.gz archives. By crafting malicious archives, an attacker can write files to arbitrary locations on the filesystem. This could enable the deployment of malicious scripts or plugins on the Jenkins controller, potentially leading to unauthorized code execution.
8.8 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.16 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10214
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.16.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.16 security update.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:10214",
"url": "https://access.redhat.com/errata/RHSA-2026:10214"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-29371",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27099",
"url": "https://access.redhat.com/security/cve/CVE-2026-27099"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27100",
"url": "https://access.redhat.com/security/cve/CVE-2026-27100"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33001",
"url": "https://access.redhat.com/security/cve/CVE-2026-33001"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/jenkins",
"url": "https://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/jenkins"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_10214.json"
}
],
"title": "Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.16 security update.",
"tracking": {
"current_release_date": "2026-05-05T03:16:34+00:00",
"generator": {
"date": "2026-05-05T03:16:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:10214",
"initial_release_date": "2026-04-23T17:30:02+00:00",
"revision_history": [
{
"date": "2026-04-23T17:30:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-23T17:30:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T03:16:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services 4.16",
"product": {
"name": "OpenShift Developer Tools and Services 4.16",
"product_id": "OpenShift Developer Tools and Services 4.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.16::el9"
}
}
}
],
"category": "product_family",
"name": "OpenShift Developer Tools and Services"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3A960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3A0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3A486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97?arch=arm64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3A1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4?arch=arm64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3Aa41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190?arch=ppc64le\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3Aab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454?arch=ppc64le\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3Acef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96?arch=s390x\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3Ab453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7?arch=s390x\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64 as a component of OpenShift Developer Tools and Services 4.16",
"product_id": "OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64 as a component of OpenShift Developer Tools and Services 4.16",
"product_id": "OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le as a component of OpenShift Developer Tools and Services 4.16",
"product_id": "OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x as a component of OpenShift Developer Tools and Services 4.16",
"product_id": "OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64 as a component of OpenShift Developer Tools and Services 4.16",
"product_id": "OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64 as a component of OpenShift Developer Tools and Services 4.16",
"product_id": "OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le as a component of OpenShift Developer Tools and Services 4.16",
"product_id": "OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x as a component of OpenShift Developer Tools and Services 4.16",
"product_id": "OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.16"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29371",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-17T16:01:18.173727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important as it can lead to a Denial of Service in applications that process untrusted JSON Web Encryption tokens. An attacker can craft a malicious JWE token with an exceptionally high compression ratio, causing excessive memory allocation and processing time during decompression in affected components like jose4j. This affects products such as Red Hat AMQ, Enterprise Application Platform (EAP 8.0.z, 8.1.z), Red Hat JBoss Fuse, JBoss Data Grid, OpenShift Developer Tools \u0026 Services, Red Hat build of Apache Camel, Red Hat Integration, Red Hat OpenShift Dev Spaces, Red Hat Process Automation Manager, Red Hat Single Sign-On (RH-SSO), Insights, cloud.redhat.com, and OpenShift Serverless.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "RHBZ#2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack",
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"release_date": "2025-12-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:30:02+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.16 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10214"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression"
},
{
"cve": "CVE-2026-27099",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-02-18T15:02:52.012661+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440638"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. This vulnerability, identified as a stored cross-site scripting (XSS) issue, occurs because Jenkins does not properly escape the user-provided description for the \"Mark temporarily offline\" cause. An attacker with Agent/Configure or Agent/Disconnect permissions can exploit this to inject malicious scripts, leading to potential information disclosure or unauthorized actions within the user\u0027s browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jenkins-ci.main/jenkins-core: Jenkins: Stored Cross-site Scripting (XSS) via unescaped user-provided offline cause description",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Jenkins allows authenticated attackers with Agent/Configure or Agent/Disconnect permissions to inject malicious scripts into the \"Mark temporarily offline\" cause description. This stored cross-site scripting (XSS) flaw can lead to information disclosure or unauthorized actions within a user\u0027s browser when viewing the affected description. Red Hat OpenShift Developer Tools \u0026 Services are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27099"
},
{
"category": "external",
"summary": "RHBZ#2440638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440638"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27099",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27099"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27099",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27099"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3669",
"url": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3669"
}
],
"release_date": "2026-02-18T14:17:43.911000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:30:02+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.16 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10214"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jenkins-ci.main/jenkins-core: Jenkins: Stored Cross-site Scripting (XSS) via unescaped user-provided offline cause description"
},
{
"cve": "CVE-2026-27100",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-02-18T15:02:47.032150+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440637"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. An attacker with Item/Build and Item/Configure permissions can exploit this vulnerability by submitting Run Parameter values that refer to builds they do not have authorization to access. This allows the attacker to obtain sensitive information, including the existence of jobs, the existence of builds, and the display names of specific builds. This is an information disclosure vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jenkins-ci.main/jenkins-core: Jenkins: Information disclosure via unauthorized access to build parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This information disclosure vulnerability in Jenkins allows an attacker with Item/Build and Item/Configure permissions to gain knowledge about the existence and display names of jobs and builds they are not authorized to access. This affects Jenkins instances in OpenShift Developer Tools \u0026 Services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27100"
},
{
"category": "external",
"summary": "RHBZ#2440637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27100",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27100"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27100",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27100"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3658",
"url": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3658"
}
],
"release_date": "2026-02-18T14:17:44.672000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:30:02+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.16 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10214"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jenkins-ci.main/jenkins-core: Jenkins: Information disclosure via unauthorized access to build parameters"
},
{
"cve": "CVE-2026-33001",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-03-18T16:02:14.310096+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448645"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. This vulnerability allows attackers with Item/Configure permission, or those who can control agent processes, to exploit unsafe handling of symbolic links during the extraction of .tar and .tar.gz archives. By crafting malicious archives, an attacker can write files to arbitrary locations on the filesystem. This could enable the deployment of malicious scripts or plugins on the Jenkins controller, potentially leading to unauthorized code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Jenkins: Arbitrary file write and potential code execution through crafted archives",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33001"
},
{
"category": "external",
"summary": "RHBZ#2448645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33001"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33001",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33001"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3657",
"url": "https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3657"
}
],
"release_date": "2026-03-18T15:15:23.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:30:02+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.16 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10214"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.16:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins: Jenkins: Arbitrary file write and potential code execution through crafted archives"
}
]
}
RHSA-2026:10209
Vulnerability from csaf_redhat - Published: 2026-04-23 17:20 - Updated: 2026-05-05 03:16Summary
Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.12 security update.
Severity
Important
Notes
Topic: An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.12.
Details: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.12 security update.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.
7.5 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.12 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10209
A flaw was found in Jenkins. This vulnerability, identified as a stored cross-site scripting (XSS) issue, occurs because Jenkins does not properly escape the user-provided description for the "Mark temporarily offline" cause. An attacker with Agent/Configure or Agent/Disconnect permissions can exploit this to inject malicious scripts, leading to potential information disclosure or unauthorized actions within the user's browser.
4.6 (Medium)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.12 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10209
A flaw was found in Jenkins. An attacker with Item/Build and Item/Configure permissions can exploit this vulnerability by submitting Run Parameter values that refer to builds they do not have authorization to access. This allows the attacker to obtain sensitive information, including the existence of jobs, the existence of builds, and the display names of specific builds. This is an information disclosure vulnerability.
4.3 (Medium)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.12 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10209
A flaw was found in Jenkins. This vulnerability allows attackers with Item/Configure permission, or those who can control agent processes, to exploit unsafe handling of symbolic links during the extraction of .tar and .tar.gz archives. By crafting malicious archives, an attacker can write files to arbitrary locations on the filesystem. This could enable the deployment of malicious scripts or plugins on the Jenkins controller, potentially leading to unauthorized code execution.
8.8 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.12 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10209
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.12.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.12 security update.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:10209",
"url": "https://access.redhat.com/errata/RHSA-2026:10209"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-29371",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27099",
"url": "https://access.redhat.com/security/cve/CVE-2026-27099"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27100",
"url": "https://access.redhat.com/security/cve/CVE-2026-27100"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33001",
"url": "https://access.redhat.com/security/cve/CVE-2026-33001"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/jenkins",
"url": "https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/jenkins"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_10209.json"
}
],
"title": "Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.12 security update.",
"tracking": {
"current_release_date": "2026-05-05T03:16:33+00:00",
"generator": {
"date": "2026-05-05T03:16:33+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:10209",
"initial_release_date": "2026-04-23T17:20:35+00:00",
"revision_history": [
{
"date": "2026-04-23T17:20:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-23T17:20:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T03:16:33+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services 4.12",
"product": {
"name": "OpenShift Developer Tools and Services 4.12",
"product_id": "OpenShift Developer Tools and Services 4.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.12::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Developer Tools and Services"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel8@sha256%3Aad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776760341"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel8@sha256%3A8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776764096"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel8@sha256%3A3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230?arch=arm64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776760341"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel8@sha256%3A7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056?arch=ppc64le\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776760341"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel8@sha256%3A3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39?arch=s390x\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776760341"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64 as a component of OpenShift Developer Tools and Services 4.12",
"product_id": "OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x as a component of OpenShift Developer Tools and Services 4.12",
"product_id": "OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le as a component of OpenShift Developer Tools and Services 4.12",
"product_id": "OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64 as a component of OpenShift Developer Tools and Services 4.12",
"product_id": "OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64 as a component of OpenShift Developer Tools and Services 4.12",
"product_id": "OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29371",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-17T16:01:18.173727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important as it can lead to a Denial of Service in applications that process untrusted JSON Web Encryption tokens. An attacker can craft a malicious JWE token with an exceptionally high compression ratio, causing excessive memory allocation and processing time during decompression in affected components like jose4j. This affects products such as Red Hat AMQ, Enterprise Application Platform (EAP 8.0.z, 8.1.z), Red Hat JBoss Fuse, JBoss Data Grid, OpenShift Developer Tools \u0026 Services, Red Hat build of Apache Camel, Red Hat Integration, Red Hat OpenShift Dev Spaces, Red Hat Process Automation Manager, Red Hat Single Sign-On (RH-SSO), Insights, cloud.redhat.com, and OpenShift Serverless.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "RHBZ#2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack",
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"release_date": "2025-12-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:20:35+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.12 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10209"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression"
},
{
"cve": "CVE-2026-27099",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-02-18T15:02:52.012661+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440638"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. This vulnerability, identified as a stored cross-site scripting (XSS) issue, occurs because Jenkins does not properly escape the user-provided description for the \"Mark temporarily offline\" cause. An attacker with Agent/Configure or Agent/Disconnect permissions can exploit this to inject malicious scripts, leading to potential information disclosure or unauthorized actions within the user\u0027s browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jenkins-ci.main/jenkins-core: Jenkins: Stored Cross-site Scripting (XSS) via unescaped user-provided offline cause description",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Jenkins allows authenticated attackers with Agent/Configure or Agent/Disconnect permissions to inject malicious scripts into the \"Mark temporarily offline\" cause description. This stored cross-site scripting (XSS) flaw can lead to information disclosure or unauthorized actions within a user\u0027s browser when viewing the affected description. Red Hat OpenShift Developer Tools \u0026 Services are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27099"
},
{
"category": "external",
"summary": "RHBZ#2440638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440638"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27099",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27099"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27099",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27099"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3669",
"url": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3669"
}
],
"release_date": "2026-02-18T14:17:43.911000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:20:35+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.12 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10209"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jenkins-ci.main/jenkins-core: Jenkins: Stored Cross-site Scripting (XSS) via unescaped user-provided offline cause description"
},
{
"cve": "CVE-2026-27100",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-02-18T15:02:47.032150+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440637"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. An attacker with Item/Build and Item/Configure permissions can exploit this vulnerability by submitting Run Parameter values that refer to builds they do not have authorization to access. This allows the attacker to obtain sensitive information, including the existence of jobs, the existence of builds, and the display names of specific builds. This is an information disclosure vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jenkins-ci.main/jenkins-core: Jenkins: Information disclosure via unauthorized access to build parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This information disclosure vulnerability in Jenkins allows an attacker with Item/Build and Item/Configure permissions to gain knowledge about the existence and display names of jobs and builds they are not authorized to access. This affects Jenkins instances in OpenShift Developer Tools \u0026 Services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27100"
},
{
"category": "external",
"summary": "RHBZ#2440637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27100",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27100"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27100",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27100"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3658",
"url": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3658"
}
],
"release_date": "2026-02-18T14:17:44.672000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:20:35+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.12 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10209"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jenkins-ci.main/jenkins-core: Jenkins: Information disclosure via unauthorized access to build parameters"
},
{
"cve": "CVE-2026-33001",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-03-18T16:02:14.310096+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448645"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. This vulnerability allows attackers with Item/Configure permission, or those who can control agent processes, to exploit unsafe handling of symbolic links during the extraction of .tar and .tar.gz archives. By crafting malicious archives, an attacker can write files to arbitrary locations on the filesystem. This could enable the deployment of malicious scripts or plugins on the Jenkins controller, potentially leading to unauthorized code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Jenkins: Arbitrary file write and potential code execution through crafted archives",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33001"
},
{
"category": "external",
"summary": "RHBZ#2448645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33001"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33001",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33001"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3657",
"url": "https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3657"
}
],
"release_date": "2026-03-18T15:15:23.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:20:35+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.12 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10209"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"OpenShift Developer Tools and Services 4.12:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins: Jenkins: Arbitrary file write and potential code execution through crafted archives"
}
]
}
RHSA-2024:5482
Vulnerability from csaf_redhat - Published: 2024-08-15 20:07 - Updated: 2026-05-05 03:16Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.3 Security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.2, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.3 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding [eap-8.0.z] (CVE-2024-28752)
* org.bouncycastle-bcprov-jdk18on: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack) [eap-8.0.z] (CVE-2024-30171)
* netty-codec-http: Allocation of Resources Without Limits or Throttling [eap-8.0.z] (CVE-2024-29025)
* org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class [eap-8.0.z] (CVE-2024-30172)
* org.bouncycastle:bcprov-jdk18on: org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service [eap-8.0.z] (CVE-2024-29857)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A server-side request forgery (SSRF) vulnerability was found in Apache CXF. This issue occurs in attacks on webservices that take at least one parameter of any type, and when Aegisdatabind is used. Users of other data bindings including the default databinding are not impacted.
7.4 (High)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:5482
Workaround
No mitigation is currently available for this vulnerability. Please make sure to update as the fixes become available.
A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until it can decode a field, allowing data to accumulate without limits. This flaw allows an attacker to cause a denial of service by sending a chunked post consisting of many small fields that will be accumulated in the bodyListHttpData list.
5.3 (Medium)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:5482
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.
7.5 (High)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:5482
A vulnerability was found in Bouncy Castle. An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java). Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.
6.5 (Medium)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:5482
A flaw was found in the Bouncy Castle Java cryptography APIs. Affected versions of the org.bouncycastle:bcprov-jdk18on package are vulnerable to Observable Timing Discrepancy via the PKCS#1 1.5 and OAEP decryption process (a.k.a. Marvin Attack). An attacker can recover cipher-texts via a side-channel attack by exploiting the Marvin security flaw. The PKCS#1 1.5 attack vector leaks data via javax.crypto.Cipher exceptions and the OAEP interface vector leaks via the bit size of the decrypted data.
5.9 (Medium)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:5482
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Bouncy Castle Java Cryptography APIs. Affected versions of this package are vulnerable to an Infinite loop issue in ED25519 verification in the ScalarUtil class. This flaw allows an attacker to send a malicious signature and public key to trigger a denial of service.
7.5 (High)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:5482
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
Red Hat
Hubert Kario
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.2, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.3 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding [eap-8.0.z] (CVE-2024-28752)\n\n* org.bouncycastle-bcprov-jdk18on: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack) [eap-8.0.z] (CVE-2024-30171)\n\n* netty-codec-http: Allocation of Resources Without Limits or Throttling [eap-8.0.z] (CVE-2024-29025)\n\n* org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class [eap-8.0.z] (CVE-2024-30172)\n\n* org.bouncycastle:bcprov-jdk18on: org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service [eap-8.0.z] (CVE-2024-29857)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:5482",
"url": "https://access.redhat.com/errata/RHSA-2024:5482"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0"
},
{
"category": "external",
"summary": "2270732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270732"
},
{
"category": "external",
"summary": "2272907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
},
{
"category": "external",
"summary": "2276360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276360"
},
{
"category": "external",
"summary": "2293025",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293025"
},
{
"category": "external",
"summary": "2293028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293028"
},
{
"category": "external",
"summary": "JBEAP-25224",
"url": "https://issues.redhat.com/browse/JBEAP-25224"
},
{
"category": "external",
"summary": "JBEAP-26018",
"url": "https://issues.redhat.com/browse/JBEAP-26018"
},
{
"category": "external",
"summary": "JBEAP-26696",
"url": "https://issues.redhat.com/browse/JBEAP-26696"
},
{
"category": "external",
"summary": "JBEAP-26790",
"url": "https://issues.redhat.com/browse/JBEAP-26790"
},
{
"category": "external",
"summary": "JBEAP-26791",
"url": "https://issues.redhat.com/browse/JBEAP-26791"
},
{
"category": "external",
"summary": "JBEAP-26802",
"url": "https://issues.redhat.com/browse/JBEAP-26802"
},
{
"category": "external",
"summary": "JBEAP-26816",
"url": "https://issues.redhat.com/browse/JBEAP-26816"
},
{
"category": "external",
"summary": "JBEAP-26823",
"url": "https://issues.redhat.com/browse/JBEAP-26823"
},
{
"category": "external",
"summary": "JBEAP-26843",
"url": "https://issues.redhat.com/browse/JBEAP-26843"
},
{
"category": "external",
"summary": "JBEAP-26886",
"url": "https://issues.redhat.com/browse/JBEAP-26886"
},
{
"category": "external",
"summary": "JBEAP-26932",
"url": "https://issues.redhat.com/browse/JBEAP-26932"
},
{
"category": "external",
"summary": "JBEAP-26948",
"url": "https://issues.redhat.com/browse/JBEAP-26948"
},
{
"category": "external",
"summary": "JBEAP-26961",
"url": "https://issues.redhat.com/browse/JBEAP-26961"
},
{
"category": "external",
"summary": "JBEAP-26962",
"url": "https://issues.redhat.com/browse/JBEAP-26962"
},
{
"category": "external",
"summary": "JBEAP-26966",
"url": "https://issues.redhat.com/browse/JBEAP-26966"
},
{
"category": "external",
"summary": "JBEAP-26986",
"url": "https://issues.redhat.com/browse/JBEAP-26986"
},
{
"category": "external",
"summary": "JBEAP-27002",
"url": "https://issues.redhat.com/browse/JBEAP-27002"
},
{
"category": "external",
"summary": "JBEAP-27019",
"url": "https://issues.redhat.com/browse/JBEAP-27019"
},
{
"category": "external",
"summary": "JBEAP-27055",
"url": "https://issues.redhat.com/browse/JBEAP-27055"
},
{
"category": "external",
"summary": "JBEAP-27090",
"url": "https://issues.redhat.com/browse/JBEAP-27090"
},
{
"category": "external",
"summary": "JBEAP-27192",
"url": "https://issues.redhat.com/browse/JBEAP-27192"
},
{
"category": "external",
"summary": "JBEAP-27194",
"url": "https://issues.redhat.com/browse/JBEAP-27194"
},
{
"category": "external",
"summary": "JBEAP-27261",
"url": "https://issues.redhat.com/browse/JBEAP-27261"
},
{
"category": "external",
"summary": "JBEAP-27262",
"url": "https://issues.redhat.com/browse/JBEAP-27262"
},
{
"category": "external",
"summary": "JBEAP-27327",
"url": "https://issues.redhat.com/browse/JBEAP-27327"
},
{
"category": "external",
"summary": "JBEAP-27356",
"url": "https://issues.redhat.com/browse/JBEAP-27356"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_5482.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.3 Security update",
"tracking": {
"current_release_date": "2026-05-05T03:16:26+00:00",
"generator": {
"date": "2026-05-05T03:16:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2024:5482",
"initial_release_date": "2024-08-15T20:07:00+00:00",
"revision_history": [
{
"date": "2024-08-15T20:07:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-08-15T20:07:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T03:16:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 8",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 8",
"product_id": "Red Hat JBoss Enterprise Application Platform 8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-28752",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270732"
}
],
"notes": [
{
"category": "description",
"text": "A server-side request forgery (SSRF) vulnerability was found in Apache CXF. This issue occurs in attacks on webservices that take at least one parameter of any type, and when Aegisdatabind is used. Users of other data bindings including the default databinding are not impacted.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as an Important impact due to the fact this requires Aegis databind, which is not the default databinding for Apache CXF.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28752"
},
{
"category": "external",
"summary": "RHBZ#2270732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270732"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28752",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28752"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-qmgx-j96g-4428",
"url": "https://github.com/advisories/GHSA-qmgx-j96g-4428"
}
],
"release_date": "2024-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:07:00+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5482"
},
{
"category": "workaround",
"details": "No mitigation is currently available for this vulnerability. Please make sure to update as the fixes become available.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding"
},
{
"cve": "CVE-2024-29025",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2272907"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until it can decode a field, allowing data to accumulate without limits. This flaw allows an attacker to cause a denial of service by sending a chunked post consisting of many small fields that will be accumulated in the bodyListHttpData list.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http: Allocation of Resources Without Limits or Throttling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in io.netty:netty-codec-http, allowing for Allocation of Resources Without Limits or Throttling issues, is assessed as moderate severity due to its potential impact on system availability and performance. By exploiting the flaw in HttpPostRequestDecoder, an attacker can craft chunked POST requests with numerous small fields, causing excessive accumulation of data in memory buffers. This unrestricted accumulation can lead to significant memory consumption on the server, potentially exhausting available resources and resulting in denial of service (DoS) conditions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29025"
},
{
"category": "external",
"summary": "RHBZ#2272907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025"
},
{
"category": "external",
"summary": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3",
"url": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c",
"url": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812",
"url": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812"
}
],
"release_date": "2024-03-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:07:00+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5482"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-http: Allocation of Resources Without Limits or Throttling"
},
{
"cve": "CVE-2024-29371",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-17T16:01:18.173727+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important as it can lead to a Denial of Service in applications that process untrusted JSON Web Encryption tokens. An attacker can craft a malicious JWE token with an exceptionally high compression ratio, causing excessive memory allocation and processing time during decompression in affected components like jose4j. This affects products such as Red Hat AMQ, Enterprise Application Platform (EAP 8.0.z, 8.1.z), Red Hat JBoss Fuse, JBoss Data Grid, OpenShift Developer Tools \u0026 Services, Red Hat build of Apache Camel, Red Hat Integration, Red Hat OpenShift Dev Spaces, Red Hat Process Automation Manager, Red Hat Single Sign-On (RH-SSO), Insights, cloud.redhat.com, and OpenShift Serverless.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "RHBZ#2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack",
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"release_date": "2025-12-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:07:00+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5482"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression"
},
{
"cve": "CVE-2024-29857",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293028"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Bouncy Castle. An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java). Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29857"
},
{
"category": "external",
"summary": "RHBZ#2293028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293028"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29857"
}
],
"release_date": "2024-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:07:00+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5482"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service"
},
{
"acknowledgments": [
{
"names": [
"Hubert Kario"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2024-30171",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2024-04-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2276360"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Bouncy Castle Java cryptography APIs. Affected versions of the org.bouncycastle:bcprov-jdk18on package are vulnerable to Observable Timing Discrepancy via the PKCS#1 1.5 and OAEP decryption process (a.k.a. Marvin Attack). An attacker can recover cipher-texts via a side-channel attack by exploiting the Marvin security flaw. The PKCS#1 1.5 attack vector leaks data via javax.crypto.Cipher exceptions and the OAEP interface vector leaks via the bit size of the decrypted data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-30171"
},
{
"category": "external",
"summary": "RHBZ#2276360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276360"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-30171",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30171"
},
{
"category": "external",
"summary": "https://people.redhat.com/~hkario/marvin/",
"url": "https://people.redhat.com/~hkario/marvin/"
}
],
"release_date": "2024-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:07:00+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5482"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)"
},
{
"cve": "CVE-2024-30172",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293025"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Bouncy Castle Java Cryptography APIs. Affected versions of this package are vulnerable to an Infinite loop issue in ED25519 verification in the ScalarUtil class. This flaw allows an attacker to send a malicious signature and public key to trigger a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-30172"
},
{
"category": "external",
"summary": "RHBZ#2293025",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293025"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-30172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30172"
},
{
"category": "external",
"summary": "https://www.bouncycastle.org/latest_releases.html",
"url": "https://www.bouncycastle.org/latest_releases.html"
}
],
"release_date": "2024-05-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:07:00+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5482"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class"
}
]
}
RHSA-2026:10213
Vulnerability from csaf_redhat - Published: 2026-04-23 17:30 - Updated: 2026-05-05 03:16Summary
Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.17 security update.
Severity
Important
Notes
Topic: An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.17.
Details: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.17 security update.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.
7.5 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.17 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10213
A flaw was found in Jenkins. This vulnerability, identified as a stored cross-site scripting (XSS) issue, occurs because Jenkins does not properly escape the user-provided description for the "Mark temporarily offline" cause. An attacker with Agent/Configure or Agent/Disconnect permissions can exploit this to inject malicious scripts, leading to potential information disclosure or unauthorized actions within the user's browser.
4.6 (Medium)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.17 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10213
A flaw was found in Jenkins. An attacker with Item/Build and Item/Configure permissions can exploit this vulnerability by submitting Run Parameter values that refer to builds they do not have authorization to access. This allows the attacker to obtain sensitive information, including the existence of jobs, the existence of builds, and the display names of specific builds. This is an information disclosure vulnerability.
4.3 (Medium)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.17 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10213
A flaw was found in Jenkins. This vulnerability allows attackers with Item/Configure permission, or those who can control agent processes, to exploit unsafe handling of symbolic links during the extraction of .tar and .tar.gz archives. By crafting malicious archives, an attacker can write files to arbitrary locations on the filesystem. This could enable the deployment of malicious scripts or plugins on the Jenkins controller, potentially leading to unauthorized code execution.
8.8 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.17 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10213
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.17.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.17 security update.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:10213",
"url": "https://access.redhat.com/errata/RHSA-2026:10213"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-29371",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27099",
"url": "https://access.redhat.com/security/cve/CVE-2026-27099"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27100",
"url": "https://access.redhat.com/security/cve/CVE-2026-27100"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33001",
"url": "https://access.redhat.com/security/cve/CVE-2026-33001"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/jenkins",
"url": "https://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/jenkins"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_10213.json"
}
],
"title": "Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.17 security update.",
"tracking": {
"current_release_date": "2026-05-05T03:16:34+00:00",
"generator": {
"date": "2026-05-05T03:16:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:10213",
"initial_release_date": "2026-04-23T17:30:00+00:00",
"revision_history": [
{
"date": "2026-04-23T17:30:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-23T17:30:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T03:16:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services 4.17",
"product": {
"name": "OpenShift Developer Tools and Services 4.17",
"product_id": "OpenShift Developer Tools and Services 4.17",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.17::el9"
}
}
}
],
"category": "product_family",
"name": "OpenShift Developer Tools and Services"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3A960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3A0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3A486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97?arch=arm64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3A1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4?arch=arm64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3Aa41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190?arch=ppc64le\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3Aab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454?arch=ppc64le\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3Acef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96?arch=s390x\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3Ab453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7?arch=s390x\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64 as a component of OpenShift Developer Tools and Services 4.17",
"product_id": "OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64 as a component of OpenShift Developer Tools and Services 4.17",
"product_id": "OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le as a component of OpenShift Developer Tools and Services 4.17",
"product_id": "OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x as a component of OpenShift Developer Tools and Services 4.17",
"product_id": "OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64 as a component of OpenShift Developer Tools and Services 4.17",
"product_id": "OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64 as a component of OpenShift Developer Tools and Services 4.17",
"product_id": "OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le as a component of OpenShift Developer Tools and Services 4.17",
"product_id": "OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x as a component of OpenShift Developer Tools and Services 4.17",
"product_id": "OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.17"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29371",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-17T16:01:18.173727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important as it can lead to a Denial of Service in applications that process untrusted JSON Web Encryption tokens. An attacker can craft a malicious JWE token with an exceptionally high compression ratio, causing excessive memory allocation and processing time during decompression in affected components like jose4j. This affects products such as Red Hat AMQ, Enterprise Application Platform (EAP 8.0.z, 8.1.z), Red Hat JBoss Fuse, JBoss Data Grid, OpenShift Developer Tools \u0026 Services, Red Hat build of Apache Camel, Red Hat Integration, Red Hat OpenShift Dev Spaces, Red Hat Process Automation Manager, Red Hat Single Sign-On (RH-SSO), Insights, cloud.redhat.com, and OpenShift Serverless.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "RHBZ#2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack",
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"release_date": "2025-12-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:30:00+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.17 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10213"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression"
},
{
"cve": "CVE-2026-27099",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-02-18T15:02:52.012661+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440638"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. This vulnerability, identified as a stored cross-site scripting (XSS) issue, occurs because Jenkins does not properly escape the user-provided description for the \"Mark temporarily offline\" cause. An attacker with Agent/Configure or Agent/Disconnect permissions can exploit this to inject malicious scripts, leading to potential information disclosure or unauthorized actions within the user\u0027s browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jenkins-ci.main/jenkins-core: Jenkins: Stored Cross-site Scripting (XSS) via unescaped user-provided offline cause description",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Jenkins allows authenticated attackers with Agent/Configure or Agent/Disconnect permissions to inject malicious scripts into the \"Mark temporarily offline\" cause description. This stored cross-site scripting (XSS) flaw can lead to information disclosure or unauthorized actions within a user\u0027s browser when viewing the affected description. Red Hat OpenShift Developer Tools \u0026 Services are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27099"
},
{
"category": "external",
"summary": "RHBZ#2440638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440638"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27099",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27099"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27099",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27099"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3669",
"url": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3669"
}
],
"release_date": "2026-02-18T14:17:43.911000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:30:00+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.17 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10213"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jenkins-ci.main/jenkins-core: Jenkins: Stored Cross-site Scripting (XSS) via unescaped user-provided offline cause description"
},
{
"cve": "CVE-2026-27100",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-02-18T15:02:47.032150+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440637"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. An attacker with Item/Build and Item/Configure permissions can exploit this vulnerability by submitting Run Parameter values that refer to builds they do not have authorization to access. This allows the attacker to obtain sensitive information, including the existence of jobs, the existence of builds, and the display names of specific builds. This is an information disclosure vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jenkins-ci.main/jenkins-core: Jenkins: Information disclosure via unauthorized access to build parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This information disclosure vulnerability in Jenkins allows an attacker with Item/Build and Item/Configure permissions to gain knowledge about the existence and display names of jobs and builds they are not authorized to access. This affects Jenkins instances in OpenShift Developer Tools \u0026 Services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27100"
},
{
"category": "external",
"summary": "RHBZ#2440637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27100",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27100"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27100",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27100"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3658",
"url": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3658"
}
],
"release_date": "2026-02-18T14:17:44.672000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:30:00+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.17 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10213"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jenkins-ci.main/jenkins-core: Jenkins: Information disclosure via unauthorized access to build parameters"
},
{
"cve": "CVE-2026-33001",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-03-18T16:02:14.310096+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448645"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. This vulnerability allows attackers with Item/Configure permission, or those who can control agent processes, to exploit unsafe handling of symbolic links during the extraction of .tar and .tar.gz archives. By crafting malicious archives, an attacker can write files to arbitrary locations on the filesystem. This could enable the deployment of malicious scripts or plugins on the Jenkins controller, potentially leading to unauthorized code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Jenkins: Arbitrary file write and potential code execution through crafted archives",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33001"
},
{
"category": "external",
"summary": "RHBZ#2448645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33001"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33001",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33001"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3657",
"url": "https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3657"
}
],
"release_date": "2026-03-18T15:15:23.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:30:00+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.17 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10213"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.17:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins: Jenkins: Arbitrary file write and potential code execution through crafted archives"
}
]
}
RHSA-2026:13571
Vulnerability from csaf_redhat - Published: 2026-05-04 23:37 - Updated: 2026-05-05 03:25Summary
Red Hat Security Advisory: Streams for Apache Kafka 3.2.0 release and security update
Severity
Critical
Notes
Topic: Streams for Apache Kafka 3.2.0 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed
backbone that allows microservices and other applications to share data with
extremely high throughput and extremely low latency.
This release of Red Hat Streams for Apache Kafka 3.2.0 serves as a replacement for Red Hat Streams for Apache Kafka 3.1.0, and includes security and bug fixes, and enhancements.
Security Fix(es):
* Drain Cleaner, Kafks Exporter - Eclipse Vert.x Web static handler file access denial [amq-st-3.2]"(CVE-2026-1002)"
* Drain Cleaner, Kroxylicous - Netty denial of service[amqst-3.2]"(CVE-2026-33871)"
* Drain Cleaner, Kroxylicous - Netty request smuggling attacks[amqst-3.2]"(CVE-2026-33870)"
* Cruise Control - jose4j denial of service [amqst-3.2]"(CVE-2024-29371)"
* Kafka Exporter - golang-github-danielqsj-kafka_exporter: Memory exhaustion in query parameter parsing in net/url [amq-st-3.2]"(CVE-2025-61726)"
* Kafka Exporter - golang-github-danielqsj-kafka_exporter: golang: Denial of Service due to excessive resource consumption via crafted certificate [amq-st-3.2]"(CVE-2025-61729)"
* Kafka Exporter - golang-github-danielqsj-kafka_exporter: Unexpected session resumption in crypto/tls [amqst-3.2]"(CVE-2025-68121)"
* console UI - Next.js Server-Side Request Forgery in Server Actions [amqst-3.2]"(CVE-2024-34351)"
* console UI - com.github.streamshub-console: Next.js: Unbounded next/image disk cache growth can exhaust storage[amqst-3.2]"(CVE-2026-27980)"
* console UI - Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization [amqst-3.2]"(CVE-2025-62718)"
* console UI - React Server Components: Denial of Service via specially crafted HTTP requests [amqst-3.2]"(CVE-2026-23864)"
* console UI - Axios: Remote Code Execution via Prototype Pollution escalation [amqst-3.2]"(CVE-2026-40175)"
* console UI - lodash: Arbitrary code execution via untrusted input in template imports [amqst-3.2]"(CVE-2026-4800)"
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:13571
A Server-Side Request Forgery (SSRF) vulnerability was identified in Next.js Server Actions. If the `Host` header is modified, and the below conditions are also met, an attacker may be able to make requests that appear to be originating from the Next.js application server itself. The required conditions are 1) Next.js is running in a self-hosted manner; 2) the Next.js application makes use of Server Actions; and 3) the Server Action performs a redirect to a relative path which starts with a `/`.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:13571
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:13571
Workaround
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:13571
A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.
7.0 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:13571
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
7.4 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:13571
A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:13571
Workaround
To mitigate this vulnerability, consider disabling the static handler cache by configuring the StaticHandler instance with setCachingEnabled(false), for example:
~~~
StaticHandler staticHandler = StaticHandler.create().setCachingEnabled(false);
~~~
A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().
8.1 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:13571
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in React Server Components. A remote attacker can exploit this vulnerability by sending specially crafted HTTP requests to Server Function endpoints. This can lead to a Denial of Service (DoS), causing server crashes, out-of-memory exceptions, or excessive CPU usage, thereby impacting the availability of applications.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:13571
An unbounded disk usage flaw has been discovered in Next.js. The default Next.js image optimization disk cache (`/_next/image`) did not have a configurable upper bound, allowing unbounded cache growth. An attacker could generate many unique image-optimization variants and exhaust disk space, causing denial of service.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:13571
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Netty. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 chunked transfer encoding extension values. Due to incorrect parsing of quoted strings, this flaw enables request smuggling attacks, potentially allowing an attacker to bypass security controls or access unauthorized information.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:13571
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Netty. A remote user can trigger a Denial of Service (DoS) against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server's lack of a limit on these frames, coupled with a bypass of size-based mitigations using zero-byte frames, allows an attacker to consume excessive CPU resources. This can render the server unresponsive with minimal bandwidth usage.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:13571
A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific "Gadget" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.
9.0 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:13571
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Streams for Apache Kafka 3.2.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed\nbackbone that allows microservices and other applications to share data with\nextremely high throughput and extremely low latency.\n\nThis release of Red Hat Streams for Apache Kafka 3.2.0 serves as a replacement for Red Hat Streams for Apache Kafka 3.1.0, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n* Drain Cleaner, Kafks Exporter - Eclipse Vert.x Web static handler file access denial [amq-st-3.2]\"(CVE-2026-1002)\"\n* Drain Cleaner, Kroxylicous - Netty denial of service[amqst-3.2]\"(CVE-2026-33871)\"\n* Drain Cleaner, Kroxylicous - Netty request smuggling attacks[amqst-3.2]\"(CVE-2026-33870)\"\n* Cruise Control - jose4j denial of service [amqst-3.2]\"(CVE-2024-29371)\"\n* Kafka Exporter - golang-github-danielqsj-kafka_exporter: Memory exhaustion in query parameter parsing in net/url [amq-st-3.2]\"(CVE-2025-61726)\"\n* Kafka Exporter - golang-github-danielqsj-kafka_exporter: golang: Denial of Service due to excessive resource consumption via crafted certificate [amq-st-3.2]\"(CVE-2025-61729)\"\n* Kafka Exporter - golang-github-danielqsj-kafka_exporter: Unexpected session resumption in crypto/tls [amqst-3.2]\"(CVE-2025-68121)\"\n* console UI - Next.js Server-Side Request Forgery in Server Actions [amqst-3.2]\"(CVE-2024-34351)\"\n* console UI - com.github.streamshub-console: Next.js: Unbounded next/image disk cache growth can exhaust storage[amqst-3.2]\"(CVE-2026-27980)\"\n* console UI - Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization [amqst-3.2]\"(CVE-2025-62718)\"\n* console UI - React Server Components: Denial of Service via specially crafted HTTP requests [amqst-3.2]\"(CVE-2026-23864)\"\n* console UI - Axios: Remote Code Execution via Prototype Pollution escalation [amqst-3.2]\"(CVE-2026-40175)\"\n* console UI - lodash: Arbitrary code execution via untrusted input in template imports [amqst-3.2]\"(CVE-2026-4800)\"",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:13571",
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "2430180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430180"
},
{
"category": "external",
"summary": "2433059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433059"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "2448509",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448509"
},
{
"category": "external",
"summary": "2452453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452453"
},
{
"category": "external",
"summary": "2452456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452456"
},
{
"category": "external",
"summary": "2453496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453496"
},
{
"category": "external",
"summary": "2454387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2454387"
},
{
"category": "external",
"summary": "2456913",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456913"
},
{
"category": "external",
"summary": "2457432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457432"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_13571.json"
}
],
"title": "Red Hat Security Advisory: Streams for Apache Kafka 3.2.0 release and security update",
"tracking": {
"current_release_date": "2026-05-05T03:25:42+00:00",
"generator": {
"date": "2026-05-05T03:25:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:13571",
"initial_release_date": "2026-05-04T23:37:19+00:00",
"revision_history": [
{
"date": "2026-05-04T23:37:19+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-04T23:37:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T03:25:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Streams for Apache Kafka 3.2.0",
"product": {
"name": "Streams for Apache Kafka 3.2.0",
"product_id": "Streams for Apache Kafka 3.2.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_streams:3.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29371",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-17T16:01:18.173727+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important as it can lead to a Denial of Service in applications that process untrusted JSON Web Encryption tokens. An attacker can craft a malicious JWE token with an exceptionally high compression ratio, causing excessive memory allocation and processing time during decompression in affected components like jose4j. This affects products such as Red Hat AMQ, Enterprise Application Platform (EAP 8.0.z, 8.1.z), Red Hat JBoss Fuse, JBoss Data Grid, OpenShift Developer Tools \u0026 Services, Red Hat build of Apache Camel, Red Hat Integration, Red Hat OpenShift Dev Spaces, Red Hat Process Automation Manager, Red Hat Single Sign-On (RH-SSO), Insights, cloud.redhat.com, and OpenShift Serverless.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "RHBZ#2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack",
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"release_date": "2025-12-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression"
},
{
"cve": "CVE-2024-34351",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2026-04-02T15:56:14.719577+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2454387"
}
],
"notes": [
{
"category": "description",
"text": "A Server-Side Request Forgery (SSRF) vulnerability was identified in Next.js Server Actions. If the `Host` header is modified, and the below conditions are also met, an attacker may be able to make requests that appear to be originating from the Next.js application server itself. The required conditions are 1) Next.js is running in a self-hosted manner; 2) the Next.js application makes use of Server Actions; and 3) the Server Action performs a redirect to a relative path which starts with a `/`.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "next: Next.js Server-Side Request Forgery in Server Actions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34351"
},
{
"category": "external",
"summary": "RHBZ#2454387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2454387"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34351",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34351"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34351",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34351"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/commit/8f7a6ca7d21a97bc9f7a1bbe10427b5ad74b9085",
"url": "https://github.com/vercel/next.js/commit/8f7a6ca7d21a97bc9f7a1bbe10427b5ad74b9085"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/pull/62561",
"url": "https://github.com/vercel/next.js/pull/62561"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g"
}
],
"release_date": "2024-05-09T16:14:16.236000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "next: Next.js Server-Side Request Forgery in Server Actions"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-62718",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-04-09T15:01:48.111177+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456913"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has limited impact due to combination of non-default conditions to exploit: the attacker must be able to control or influence URLs passed to axios in a server-side context, the application must have both `HTTP_PROXY` and `NO_PROXY` configured, and the proxy itself must be positioned to act on the misdirected traffic or have been compromised by the attacker to intercept the rerouted traffic.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62718"
},
{
"category": "external",
"summary": "RHBZ#2456913",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456913"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1",
"url": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2",
"url": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df",
"url": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/10661",
"url": "https://github.com/axios/axios/pull/10661"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
"url": "https://github.com/axios/axios/releases/tag/v1.15.0"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5"
}
],
"release_date": "2026-04-09T14:31:46.067000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2026-1002",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-01-15T21:03:20.088599+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430180"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability allows a remote attacker to block access to specific static files, such as images, CSS or HTML files. However, the underlying Vert.x server, the API endpoints and other non-cached resources are not affected. Due to this reason, this issue has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1002"
},
{
"category": "external",
"summary": "RHBZ#2430180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1002",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1002"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1002",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1002"
},
{
"category": "external",
"summary": "https://github.com/eclipse-vertx/vert.x/pull/5895",
"url": "https://github.com/eclipse-vertx/vert.x/pull/5895"
}
],
"release_date": "2026-01-15T20:50:25.642000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, consider disabling the static handler cache by configuring the StaticHandler instance with setCachingEnabled(false), for example:\n\n~~~\nStaticHandler staticHandler = StaticHandler.create().setCachingEnabled(false);\n~~~",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files"
},
{
"cve": "CVE-2026-4800",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-03-31T20:01:21.918257+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453496"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: lodash: Arbitrary code execution via untrusted input in template imports",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the context of Red Hat Enterprise Linux, the grafana and grafana-pcp packages execute the affected JavaScript entirely client-side within the user\u0027s browser. Consequently, the attack surface is strictly restricted to the local browser environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4800"
},
{
"category": "external",
"summary": "RHBZ#2453496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4800",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
"url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c",
"url": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"
}
],
"release_date": "2026-03-31T19:25:55.987000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: lodash: Arbitrary code execution via untrusted input in template imports"
},
{
"cve": "CVE-2026-23864",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-01-26T20:01:54.396535+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2433059"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in React Server Components. A remote attacker can exploit this vulnerability by sending specially crafted HTTP requests to Server Function endpoints. This can lead to a Denial of Service (DoS), causing server crashes, out-of-memory exceptions, or excessive CPU usage, thereby impacting the availability of applications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "react-server-dom-webpack: react-server-dom-parcel: reactreact-server-dom-turbopack: React Server Components: Denial of Service via specially crafted HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23864"
},
{
"category": "external",
"summary": "RHBZ#2433059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23864",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23864"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23864",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23864"
},
{
"category": "external",
"summary": "https://github.com/facebook/react/security/advisories/GHSA-83fc-fqcc-2hmg",
"url": "https://github.com/facebook/react/security/advisories/GHSA-83fc-fqcc-2hmg"
},
{
"category": "external",
"summary": "https://www.facebook.com/security/advisories/cve-2026-23864",
"url": "https://www.facebook.com/security/advisories/cve-2026-23864"
}
],
"release_date": "2026-01-26T19:16:38.250000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "react-server-dom-webpack: react-server-dom-parcel: reactreact-server-dom-turbopack: React Server Components: Denial of Service via specially crafted HTTP requests"
},
{
"cve": "CVE-2026-27980",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-18T01:01:36.393672+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448509"
}
],
"notes": [
{
"category": "description",
"text": "An unbounded disk usage flaw has been discovered in Next.js. The default Next.js image optimization disk cache (`/_next/image`) did not have a configurable upper bound, allowing unbounded cache growth. An attacker could generate many unique image-optimization variants and exhaust disk space, causing denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "next.js: Next.js: Unbounded next/image disk cache growth can exhaust storage",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27980"
},
{
"category": "external",
"summary": "RHBZ#2448509",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448509"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27980",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27980"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27980",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27980"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/commit/39eb8e0ac498b48855a0430fbf4c22276a73b4bd",
"url": "https://github.com/vercel/next.js/commit/39eb8e0ac498b48855a0430fbf4c22276a73b4bd"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/releases/tag/v16.1.7",
"url": "https://github.com/vercel/next.js/releases/tag/v16.1.7"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-3x4c-7xq6-9pq8",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-3x4c-7xq6-9pq8"
}
],
"release_date": "2026-03-18T00:23:34.862000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "next.js: Next.js: Unbounded next/image disk cache growth can exhaust storage"
},
{
"cve": "CVE-2026-33870",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-03-27T21:01:59.865839+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452453"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 chunked transfer encoding extension values. Due to incorrect parsing of quoted strings, this flaw enables request smuggling attacks, potentially allowing an attacker to bypass security controls or access unauthorized information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33870"
},
{
"category": "external",
"summary": "RHBZ#2452453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452453"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33870",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33870"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33870",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33870"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8",
"url": "https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8"
},
{
"category": "external",
"summary": "https://w4ke.info/2025/06/18/funky-chunks.html",
"url": "https://w4ke.info/2025/06/18/funky-chunks.html"
},
{
"category": "external",
"summary": "https://w4ke.info/2025/10/29/funky-chunks-2.html",
"url": "https://w4ke.info/2025/10/29/funky-chunks-2.html"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110",
"url": "https://www.rfc-editor.org/rfc/rfc9110"
}
],
"release_date": "2026-03-27T19:54:15.586000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values"
},
{
"cve": "CVE-2026-33871",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-27T21:02:13.396015+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452456"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. A remote user can trigger a Denial of Service (DoS) against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server\u0027s lack of a limit on these frames, coupled with a bypass of size-based mitigations using zero-byte frames, allows an attacker to consume excessive CPU resources. This can render the server unresponsive with minimal bandwidth usage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This important vulnerability in Netty HTTP/2 servers allows a remote attacker to cause a Denial of Service by sending a flood of CONTINUATION frames. This can lead to excessive CPU consumption and render the server unresponsive. Red Hat products utilizing affected Netty versions, such as Red Hat AMQ, Enterprise Application Platform, and OpenShift Container Platform components, are impacted if configured to use HTTP/2.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33871"
},
{
"category": "external",
"summary": "RHBZ#2452456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452456"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33871",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33871"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv"
}
],
"release_date": "2026-03-27T19:55:23.135000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood"
},
{
"cve": "CVE-2026-40175",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-10T20:02:10.296601+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific \"Gadget\" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Remote Code Execution via Prototype Pollution escalation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Axios library, a promise-based HTTP client, is susceptible to an Important prototype pollution vulnerability. This flaw, when combined with specific \"Gadget\" attack chains in third-party dependencies, can lead to remote code execution or full cloud compromise, including bypassing AWS IMDSv2.\n \nWith pollution check patch available in Axios gives an advantage, it remains vulnerable due to HTTP Header Sanitation and Server-Side Request Forgery threat.\n\nRed Hat products that incorporate the vulnerable Axios library are affected.\n\nThe openshift4/ose-monitoring-plugin-rhel9 container image is not vulnerable to this flaw. The affected component is used as a build-time dependency but it\u0027s not shipped in the final product, meaning the flaw is not present thus cannot be exploited in the container deployments.\n\nRegarding openshift4/ose-console for Product stream 4.12 and 4.13, the vulnerable component is present (indirect dependency), but the vulnerability is not exploitable in our case due to the browser runtime, where the required Node.js-specific attack vectors are not available. With this, the impact becomes low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40175"
},
{
"category": "external",
"summary": "RHBZ#2457432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40175",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1",
"url": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/10660",
"url": "https://github.com/axios/axios/pull/10660"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
"url": "https://github.com/axios/axios/releases/tag/v1.15.0"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx",
"url": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx"
}
],
"release_date": "2026-04-10T19:23:52.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Remote Code Execution via Prototype Pollution escalation"
}
]
}
RHSA-2026:10204
Vulnerability from csaf_redhat - Published: 2026-04-23 16:56 - Updated: 2026-05-05 03:16Summary
Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.15 security update.
Severity
Important
Notes
Topic: An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.15.
Details: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.15 security update.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.
7.5 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.15 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10204
A flaw was found in Jenkins. This vulnerability, identified as a stored cross-site scripting (XSS) issue, occurs because Jenkins does not properly escape the user-provided description for the "Mark temporarily offline" cause. An attacker with Agent/Configure or Agent/Disconnect permissions can exploit this to inject malicious scripts, leading to potential information disclosure or unauthorized actions within the user's browser.
4.6 (Medium)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.15 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10204
A flaw was found in Jenkins. An attacker with Item/Build and Item/Configure permissions can exploit this vulnerability by submitting Run Parameter values that refer to builds they do not have authorization to access. This allows the attacker to obtain sensitive information, including the existence of jobs, the existence of builds, and the display names of specific builds. This is an information disclosure vulnerability.
4.3 (Medium)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.15 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10204
A flaw was found in Jenkins. This vulnerability allows attackers with Item/Configure permission, or those who can control agent processes, to exploit unsafe handling of symbolic links during the extraction of .tar and .tar.gz archives. By crafting malicious archives, an attacker can write files to arbitrary locations on the filesystem. This could enable the deployment of malicious scripts or plugins on the Jenkins controller, potentially leading to unauthorized code execution.
8.8 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.15 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10204
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.15.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.15 security update.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:10204",
"url": "https://access.redhat.com/errata/RHSA-2026:10204"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-29371",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27099",
"url": "https://access.redhat.com/security/cve/CVE-2026-27099"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27100",
"url": "https://access.redhat.com/security/cve/CVE-2026-27100"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33001",
"url": "https://access.redhat.com/security/cve/CVE-2026-33001"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/jenkins",
"url": "https://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/jenkins"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_10204.json"
}
],
"title": "Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.15 security update.",
"tracking": {
"current_release_date": "2026-05-05T03:16:32+00:00",
"generator": {
"date": "2026-05-05T03:16:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:10204",
"initial_release_date": "2026-04-23T16:56:17+00:00",
"revision_history": [
{
"date": "2026-04-23T16:56:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-23T16:56:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T03:16:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services 4.15",
"product": {
"name": "OpenShift Developer Tools and Services 4.15",
"product_id": "OpenShift Developer Tools and Services 4.15",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.15::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Developer Tools and Services"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel8@sha256%3Aad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776760341"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel8@sha256%3A5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776762347"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel8@sha256%3A3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230?arch=arm64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776760341"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel8@sha256%3Aec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae?arch=arm64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776762347"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel8@sha256%3A7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056?arch=ppc64le\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776760341"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel8@sha256%3A02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c?arch=ppc64le\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776762347"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel8@sha256%3A3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39?arch=s390x\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776760341"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel8@sha256%3Afa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8?arch=s390x\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776762347"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64 as a component of OpenShift Developer Tools and Services 4.15",
"product_id": "OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x as a component of OpenShift Developer Tools and Services 4.15",
"product_id": "OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le as a component of OpenShift Developer Tools and Services 4.15",
"product_id": "OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64 as a component of OpenShift Developer Tools and Services 4.15",
"product_id": "OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le as a component of OpenShift Developer Tools and Services 4.15",
"product_id": "OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64 as a component of OpenShift Developer Tools and Services 4.15",
"product_id": "OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64 as a component of OpenShift Developer Tools and Services 4.15",
"product_id": "OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x as a component of OpenShift Developer Tools and Services 4.15",
"product_id": "OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29371",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-17T16:01:18.173727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important as it can lead to a Denial of Service in applications that process untrusted JSON Web Encryption tokens. An attacker can craft a malicious JWE token with an exceptionally high compression ratio, causing excessive memory allocation and processing time during decompression in affected components like jose4j. This affects products such as Red Hat AMQ, Enterprise Application Platform (EAP 8.0.z, 8.1.z), Red Hat JBoss Fuse, JBoss Data Grid, OpenShift Developer Tools \u0026 Services, Red Hat build of Apache Camel, Red Hat Integration, Red Hat OpenShift Dev Spaces, Red Hat Process Automation Manager, Red Hat Single Sign-On (RH-SSO), Insights, cloud.redhat.com, and OpenShift Serverless.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "RHBZ#2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack",
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"release_date": "2025-12-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T16:56:17+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.15 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10204"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression"
},
{
"cve": "CVE-2026-27099",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-02-18T15:02:52.012661+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440638"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. This vulnerability, identified as a stored cross-site scripting (XSS) issue, occurs because Jenkins does not properly escape the user-provided description for the \"Mark temporarily offline\" cause. An attacker with Agent/Configure or Agent/Disconnect permissions can exploit this to inject malicious scripts, leading to potential information disclosure or unauthorized actions within the user\u0027s browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jenkins-ci.main/jenkins-core: Jenkins: Stored Cross-site Scripting (XSS) via unescaped user-provided offline cause description",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Jenkins allows authenticated attackers with Agent/Configure or Agent/Disconnect permissions to inject malicious scripts into the \"Mark temporarily offline\" cause description. This stored cross-site scripting (XSS) flaw can lead to information disclosure or unauthorized actions within a user\u0027s browser when viewing the affected description. Red Hat OpenShift Developer Tools \u0026 Services are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27099"
},
{
"category": "external",
"summary": "RHBZ#2440638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440638"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27099",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27099"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27099",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27099"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3669",
"url": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3669"
}
],
"release_date": "2026-02-18T14:17:43.911000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T16:56:17+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.15 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10204"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jenkins-ci.main/jenkins-core: Jenkins: Stored Cross-site Scripting (XSS) via unescaped user-provided offline cause description"
},
{
"cve": "CVE-2026-27100",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-02-18T15:02:47.032150+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440637"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. An attacker with Item/Build and Item/Configure permissions can exploit this vulnerability by submitting Run Parameter values that refer to builds they do not have authorization to access. This allows the attacker to obtain sensitive information, including the existence of jobs, the existence of builds, and the display names of specific builds. This is an information disclosure vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jenkins-ci.main/jenkins-core: Jenkins: Information disclosure via unauthorized access to build parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This information disclosure vulnerability in Jenkins allows an attacker with Item/Build and Item/Configure permissions to gain knowledge about the existence and display names of jobs and builds they are not authorized to access. This affects Jenkins instances in OpenShift Developer Tools \u0026 Services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27100"
},
{
"category": "external",
"summary": "RHBZ#2440637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27100",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27100"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27100",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27100"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3658",
"url": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3658"
}
],
"release_date": "2026-02-18T14:17:44.672000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T16:56:17+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.15 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10204"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jenkins-ci.main/jenkins-core: Jenkins: Information disclosure via unauthorized access to build parameters"
},
{
"cve": "CVE-2026-33001",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-03-18T16:02:14.310096+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448645"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. This vulnerability allows attackers with Item/Configure permission, or those who can control agent processes, to exploit unsafe handling of symbolic links during the extraction of .tar and .tar.gz archives. By crafting malicious archives, an attacker can write files to arbitrary locations on the filesystem. This could enable the deployment of malicious scripts or plugins on the Jenkins controller, potentially leading to unauthorized code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Jenkins: Arbitrary file write and potential code execution through crafted archives",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33001"
},
{
"category": "external",
"summary": "RHBZ#2448645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33001"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33001",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33001"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3657",
"url": "https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3657"
}
],
"release_date": "2026-03-18T15:15:23.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T16:56:17+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.15 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10204"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.15:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins: Jenkins: Arbitrary file write and potential code execution through crafted archives"
}
]
}
RHSA-2025:17299
Vulnerability from csaf_redhat - Published: 2025-10-02 14:54 - Updated: 2026-05-05 03:16Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.0 security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime.
This asynchronous patch is an update for Red Hat JBoss Enterprise Application Platform 8.1. See Release Notes for information about the most
significant bug fixes and enhancements included in this release.
Security Fix(es):
* netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions [eap-8.1.z] (CVE-2025-58056)
* netty-codec-http2: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions [eap-8.1.z] (CVE-2025-58056)
* cxf: CXF JMS Code Execution Vulnerability [eap-8.1.z] (CVE-2025-48913)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.
7.5 (High)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:17299
A flaw was found in org.apache.cxf/cxf, where untrusted users can configure JMS to allow the specification of RMI or LDAP URLs, possibly leading to code execution. This vulnerability allows an attacker to provide malicious protocol URLs during JMS configuration.
8.3 (High)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:17299
Workaround
To reduce risk, deployments should restrict the allowed protocols in JMS configuration to trusted and expected values only. In particular, disallow the use of rmi:// and ldap:// URLs, which could be abused for remote class loading and code execution.
A flaw was found in Netty where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS).
7.5 (High)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:17299
Workaround
No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability.
A flaw in Netty’s HTTP/1.1 chunked encoding parser allows newline (LF) characters in chunk extensions to be incorrectly treated as the end of the chunk-size line instead of requiring the proper CRLF sequence. This discrepancy can be exploited in rare cases where a reverse proxy interprets the same input differently, potentially enabling HTTP request smuggling attacks such as bypassing access controls or corrupting responses.
7.5 (High)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:17299
Workaround
To mitigate this issue, enforce strict RFC compliance on all front-end proxies and load balancers so that lone LF characters in chunk extensions are rejected or normalized before being forwarded. Additionally, configure input validation at the application or proxy layer to block malformed chunked requests, ensuring consistent parsing across all components in the request path.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is an update for Red Hat JBoss Enterprise Application Platform 8.1. See Release Notes for information about the most\nsignificant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions [eap-8.1.z] (CVE-2025-58056)\n\n* netty-codec-http2: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions [eap-8.1.z] (CVE-2025-58056)\n\n* cxf: CXF JMS Code Execution Vulnerability [eap-8.1.z] (CVE-2025-48913)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:17299",
"url": "https://access.redhat.com/errata/RHSA-2025:17299"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/7129481",
"url": "https://access.redhat.com/articles/7129481"
},
{
"category": "external",
"summary": "2388252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388252"
},
{
"category": "external",
"summary": "2392996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392996"
},
{
"category": "external",
"summary": "JBEAP-30701",
"url": "https://issues.redhat.com/browse/JBEAP-30701"
},
{
"category": "external",
"summary": "JBEAP-30732",
"url": "https://issues.redhat.com/browse/JBEAP-30732"
},
{
"category": "external",
"summary": "JBEAP-30759",
"url": "https://issues.redhat.com/browse/JBEAP-30759"
},
{
"category": "external",
"summary": "JBEAP-30761",
"url": "https://issues.redhat.com/browse/JBEAP-30761"
},
{
"category": "external",
"summary": "JBEAP-30763",
"url": "https://issues.redhat.com/browse/JBEAP-30763"
},
{
"category": "external",
"summary": "JBEAP-30887",
"url": "https://issues.redhat.com/browse/JBEAP-30887"
},
{
"category": "external",
"summary": "JBEAP-30889",
"url": "https://issues.redhat.com/browse/JBEAP-30889"
},
{
"category": "external",
"summary": "JBEAP-30891",
"url": "https://issues.redhat.com/browse/JBEAP-30891"
},
{
"category": "external",
"summary": "JBEAP-30916",
"url": "https://issues.redhat.com/browse/JBEAP-30916"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_17299.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.0 security update",
"tracking": {
"current_release_date": "2026-05-05T03:16:29+00:00",
"generator": {
"date": "2026-05-05T03:16:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2025:17299",
"initial_release_date": "2025-10-02T14:54:02+00:00",
"revision_history": [
{
"date": "2025-10-02T14:54:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-02T14:54:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T03:16:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 8.1.0",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 8.1.0",
"product_id": "Red Hat JBoss Enterprise Application Platform 8.1.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29371",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-17T16:01:18.173727+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important as it can lead to a Denial of Service in applications that process untrusted JSON Web Encryption tokens. An attacker can craft a malicious JWE token with an exceptionally high compression ratio, causing excessive memory allocation and processing time during decompression in affected components like jose4j. This affects products such as Red Hat AMQ, Enterprise Application Platform (EAP 8.0.z, 8.1.z), Red Hat JBoss Fuse, JBoss Data Grid, OpenShift Developer Tools \u0026 Services, Red Hat build of Apache Camel, Red Hat Integration, Red Hat OpenShift Dev Spaces, Red Hat Process Automation Manager, Red Hat Single Sign-On (RH-SSO), Insights, cloud.redhat.com, and OpenShift Serverless.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "RHBZ#2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack",
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"release_date": "2025-12-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-02T14:54:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17299"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression"
},
{
"cve": "CVE-2025-48913",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-08-08T10:00:54.007824+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387221"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in org.apache.cxf/cxf, where untrusted users can configure JMS to allow the specification of RMI or LDAP URLs, possibly leading to code execution. This vulnerability allows an attacker to provide malicious protocol URLs during JMS configuration.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.cxf/cxf: CXF JMS Code Execution Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw should be considered Important because the impact goes beyond a simple denial of service or configuration misuse. By allowing untrusted users to configure JMS with RMI or LDAP URLs, attackers could achieve remote code execution by loading attacker-controlled classes or objects. Although this requires the precondition that the attacker has access to JMS configuration, in many enterprise deployments this may be exposed through integration layers or misconfigured permissions, making the attack surface broader than a purely local or limited-scope scenario.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48913"
},
{
"category": "external",
"summary": "RHBZ#2387221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387221"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48913"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48913",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48913"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/f1nv488ztc0js4g5ml2v88mzkzslyh83",
"url": "https://lists.apache.org/thread/f1nv488ztc0js4g5ml2v88mzkzslyh83"
}
],
"release_date": "2025-08-08T09:21:22.208000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-02T14:54:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17299"
},
{
"category": "workaround",
"details": "To reduce risk, deployments should restrict the allowed protocols in JMS configuration to trusted and expected values only. In particular, disallow the use of rmi:// and ldap:// URLs, which could be abused for remote class loading and code execution.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "org.apache.cxf/cxf: CXF JMS Code Execution Vulnerability"
},
{
"cve": "CVE-2025-55163",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-08-13T15:01:55.372237+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2388252"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the \"MadeYouReset\" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated with an Important severity. It is simple to exploit because it does not require authentication and could result in a denial of service (DoS). While some DoS flaws are classified as Moderate, \u201cMadeYouReset\u201d is Important because of the limited barriers (no specialized tooling or advanced scripting) to exploitation, which directly impacts service availability. The vulnerability arises from an implementation weakness in HTTP/2 stream reset handling \u2014 malformed client requests can trigger server-side resets without incrementing abuse counters, allowing an attacker to bypass built-in request throttling and overhead limits. Since these resets consume CPU and memory resources and can be generated at scale over a single TCP/TLS connection, a remote attacker could exhaust server capacity quickly, impacting all legitimate clients.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-55163"
},
{
"category": "external",
"summary": "RHBZ#2388252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388252"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-55163",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55163"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-prj3-ccx8-p6x4",
"url": "https://github.com/netty/netty/security/advisories/GHSA-prj3-ccx8-p6x4"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/767506",
"url": "https://kb.cert.org/vuls/id/767506"
}
],
"release_date": "2025-08-13T14:17:36.111000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-02T14:54:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17299"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability"
},
{
"cve": "CVE-2025-58056",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2025-09-03T21:01:22.935850+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392996"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in Netty\u2019s HTTP/1.1 chunked encoding parser allows newline (LF) characters in chunk extensions to be incorrectly treated as the end of the chunk-size line instead of requiring the proper CRLF sequence. This discrepancy can be exploited in rare cases where a reverse proxy interprets the same input differently, potentially enabling HTTP request smuggling attacks such as bypassing access controls or corrupting responses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is considered Moderate rather than Important because successful exploitation depends on a very specific deployment condition: the presence of an intermediary reverse proxy that both mishandles lone LF characters in chunk extensions and forwards them unmodified to Netty. By itself, Netty\u2019s parsing quirk does not introduce risk, and in most real-world environments, reverse proxies normalize or reject malformed chunked requests, preventing smuggling. As a result, the vulnerability has limited reach, requires a niche configuration to be exploitable, and does not universally expose Netty-based servers to request smuggling\u2014hence it is rated moderate in severity rather than important or critical.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58056"
},
{
"category": "external",
"summary": "RHBZ#2392996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392996"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58056",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58056"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding",
"url": "https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding"
},
{
"category": "external",
"summary": "https://github.com/JLLeitschuh/unCVEed/issues/1",
"url": "https://github.com/JLLeitschuh/unCVEed/issues/1"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284",
"url": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/issues/15522",
"url": "https://github.com/netty/netty/issues/15522"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/pull/15611",
"url": "https://github.com/netty/netty/pull/15611"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49",
"url": "https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49"
},
{
"category": "external",
"summary": "https://w4ke.info/2025/06/18/funky-chunks.html",
"url": "https://w4ke.info/2025/06/18/funky-chunks.html"
}
],
"release_date": "2025-09-03T20:56:50.732000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-02T14:54:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17299"
},
{
"category": "workaround",
"details": "To mitigate this issue, enforce strict RFC compliance on all front-end proxies and load balancers so that lone LF characters in chunk extensions are rejected or normalized before being forwarded. Additionally, configure input validation at the application or proxy layer to block malformed chunked requests, ensuring consistent parsing across all components in the request path.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.1.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions"
}
]
}
RHSA-2024:5479
Vulnerability from csaf_redhat - Published: 2024-08-15 20:11 - Updated: 2026-05-05 03:16Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.3 Security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.2, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.3 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding [eap-8.0.z] (CVE-2024-28752)
* org.bouncycastle-bcprov-jdk18on: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack) [eap-8.0.z] (CVE-2024-30171)
* netty-codec-http: Allocation of Resources Without Limits or Throttling [eap-8.0.z] (CVE-2024-29025)
* org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class [eap-8.0.z] (CVE-2024-30172)
* org.bouncycastle:bcprov-jdk18on: org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service [eap-8.0.z] (CVE-2024-29857)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A server-side request forgery (SSRF) vulnerability was found in Apache CXF. This issue occurs in attacks on webservices that take at least one parameter of any type, and when Aegisdatabind is used. Users of other data bindings including the default databinding are not impacted.
7.4 (High)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:5479
Workaround
No mitigation is currently available for this vulnerability. Please make sure to update as the fixes become available.
A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until it can decode a field, allowing data to accumulate without limits. This flaw allows an attacker to cause a denial of service by sending a chunked post consisting of many small fields that will be accumulated in the bodyListHttpData list.
5.3 (Medium)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:5479
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.
7.5 (High)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:5479
A vulnerability was found in Bouncy Castle. An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java). Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.
6.5 (Medium)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:5479
A flaw was found in the Bouncy Castle Java cryptography APIs. Affected versions of the org.bouncycastle:bcprov-jdk18on package are vulnerable to Observable Timing Discrepancy via the PKCS#1 1.5 and OAEP decryption process (a.k.a. Marvin Attack). An attacker can recover cipher-texts via a side-channel attack by exploiting the Marvin security flaw. The PKCS#1 1.5 attack vector leaks data via javax.crypto.Cipher exceptions and the OAEP interface vector leaks via the bit size of the decrypted data.
5.9 (Medium)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:5479
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Bouncy Castle Java Cryptography APIs. Affected versions of this package are vulnerable to an Infinite loop issue in ED25519 verification in the ScalarUtil class. This flaw allows an attacker to send a malicious signature and public key to trigger a denial of service.
7.5 (High)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:5479
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
Red Hat
Hubert Kario
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.2, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.3 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding [eap-8.0.z] (CVE-2024-28752)\n\n* org.bouncycastle-bcprov-jdk18on: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack) [eap-8.0.z] (CVE-2024-30171)\n\n* netty-codec-http: Allocation of Resources Without Limits or Throttling [eap-8.0.z] (CVE-2024-29025)\n\n* org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class [eap-8.0.z] (CVE-2024-30172)\n\n* org.bouncycastle:bcprov-jdk18on: org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service [eap-8.0.z] (CVE-2024-29857)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:5479",
"url": "https://access.redhat.com/errata/RHSA-2024:5479"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/"
},
{
"category": "external",
"summary": "2270732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270732"
},
{
"category": "external",
"summary": "2272907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
},
{
"category": "external",
"summary": "2276360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276360"
},
{
"category": "external",
"summary": "2293025",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293025"
},
{
"category": "external",
"summary": "2293028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293028"
},
{
"category": "external",
"summary": "JBEAP-25224",
"url": "https://issues.redhat.com/browse/JBEAP-25224"
},
{
"category": "external",
"summary": "JBEAP-26018",
"url": "https://issues.redhat.com/browse/JBEAP-26018"
},
{
"category": "external",
"summary": "JBEAP-26696",
"url": "https://issues.redhat.com/browse/JBEAP-26696"
},
{
"category": "external",
"summary": "JBEAP-26790",
"url": "https://issues.redhat.com/browse/JBEAP-26790"
},
{
"category": "external",
"summary": "JBEAP-26791",
"url": "https://issues.redhat.com/browse/JBEAP-26791"
},
{
"category": "external",
"summary": "JBEAP-26792",
"url": "https://issues.redhat.com/browse/JBEAP-26792"
},
{
"category": "external",
"summary": "JBEAP-26802",
"url": "https://issues.redhat.com/browse/JBEAP-26802"
},
{
"category": "external",
"summary": "JBEAP-26816",
"url": "https://issues.redhat.com/browse/JBEAP-26816"
},
{
"category": "external",
"summary": "JBEAP-26823",
"url": "https://issues.redhat.com/browse/JBEAP-26823"
},
{
"category": "external",
"summary": "JBEAP-26843",
"url": "https://issues.redhat.com/browse/JBEAP-26843"
},
{
"category": "external",
"summary": "JBEAP-26886",
"url": "https://issues.redhat.com/browse/JBEAP-26886"
},
{
"category": "external",
"summary": "JBEAP-26932",
"url": "https://issues.redhat.com/browse/JBEAP-26932"
},
{
"category": "external",
"summary": "JBEAP-26948",
"url": "https://issues.redhat.com/browse/JBEAP-26948"
},
{
"category": "external",
"summary": "JBEAP-26961",
"url": "https://issues.redhat.com/browse/JBEAP-26961"
},
{
"category": "external",
"summary": "JBEAP-26962",
"url": "https://issues.redhat.com/browse/JBEAP-26962"
},
{
"category": "external",
"summary": "JBEAP-26966",
"url": "https://issues.redhat.com/browse/JBEAP-26966"
},
{
"category": "external",
"summary": "JBEAP-26986",
"url": "https://issues.redhat.com/browse/JBEAP-26986"
},
{
"category": "external",
"summary": "JBEAP-27002",
"url": "https://issues.redhat.com/browse/JBEAP-27002"
},
{
"category": "external",
"summary": "JBEAP-27019",
"url": "https://issues.redhat.com/browse/JBEAP-27019"
},
{
"category": "external",
"summary": "JBEAP-27055",
"url": "https://issues.redhat.com/browse/JBEAP-27055"
},
{
"category": "external",
"summary": "JBEAP-27090",
"url": "https://issues.redhat.com/browse/JBEAP-27090"
},
{
"category": "external",
"summary": "JBEAP-27192",
"url": "https://issues.redhat.com/browse/JBEAP-27192"
},
{
"category": "external",
"summary": "JBEAP-27194",
"url": "https://issues.redhat.com/browse/JBEAP-27194"
},
{
"category": "external",
"summary": "JBEAP-27261",
"url": "https://issues.redhat.com/browse/JBEAP-27261"
},
{
"category": "external",
"summary": "JBEAP-27262",
"url": "https://issues.redhat.com/browse/JBEAP-27262"
},
{
"category": "external",
"summary": "JBEAP-27327",
"url": "https://issues.redhat.com/browse/JBEAP-27327"
},
{
"category": "external",
"summary": "JBEAP-27356",
"url": "https://issues.redhat.com/browse/JBEAP-27356"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_5479.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.3 Security update",
"tracking": {
"current_release_date": "2026-05-05T03:16:22+00:00",
"generator": {
"date": "2026-05-05T03:16:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2024:5479",
"initial_release_date": "2024-08-15T20:11:43+00:00",
"revision_history": [
{
"date": "2024-08-15T20:11:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-08-15T20:11:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T03:16:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.0 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-mod_cluster@2.0.3-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"product": {
"name": "eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"product_id": "eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-neethi@3.2.0-1.redhat_00004.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"product_id": "eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.1.0-1.Final_redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hal-console@3.6.19-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"product": {
"name": "eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"product_id": "eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-velocity@2.3.0-3.redhat_00009.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron@2.2.6-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-discovery@1.3.0-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"product": {
"name": "eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"product_id": "eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j@3.0.3-1.redhat_00008.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-bouncycastle@1.78.1-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"product_id": "eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-sshd@2.12.1-2.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"product": {
"name": "eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"product_id": "eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jasypt@1.9.3-4.redhat_00004.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.4-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"product_id": "eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-caffeine@3.1.8-2.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j@0.8.11-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-angus@2.0.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"product": {
"name": "eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"product_id": "eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-java-classmate@1.5.1-3.redhat_00004.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-mail@2.1.3-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-joda-time@2.12.7-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"product": {
"name": "eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"product_id": "eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-xml-security@3.0.4-1.redhat_00005.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-guava-failureaccess@1.0.2-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jsf-impl@4.0.7-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"product_id": "eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy@6.2.7-2.Final_redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src",
"product_id": "eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-yasson@3.0.3-3.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-stax2-api@4.2.2-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty@4.1.108-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"product_id": "eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.15.0-6.redhat_00016.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"product_id": "eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-cli@1.4.0-2.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"product": {
"name": "eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"product_id": "eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-angus-activation@2.0.1-3.redhat_00006.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"product": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"product_id": "eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-httpcomponents-asyncclient@4.1.5-3.redhat_00005.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-reactivex-rxjava@3.1.8-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"product": {
"name": "eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"product_id": "eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.21.0-5.redhat_00052.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-websocket@2.1.1-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-xnio-transport@0.1.10-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-metadata@16.0.0-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-weld-core@5.1.2-2.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"product": {
"name": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"product_id": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-xjc-utils@4.0.0-5.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"product_id": "eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml@4.2.0-4.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"product_id": "eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hornetq@2.4.9-4.Final_redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-json-api@2.1.3-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"product_id": "eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-parsson@1.1.5-2.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-xml-bind-api@4.0.1-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.108-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.13-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"product": {
"name": "eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"product_id": "eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-api@6.0.0-5.redhat_00006.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-byte-buddy@1.14.18-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"product_id": "eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-guava-libraries@33.0.0-1.jre_redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jandex@3.0.8-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"product": {
"name": "eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"product_id": "eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-httpcomponents-core@4.4.16-4.redhat_00010.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"product_id": "eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-beanutils@1.9.4-13.redhat_00004.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"product_id": "eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.3.0-2.GA_redhat_00004.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"product": {
"name": "eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"product_id": "eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-httpcomponents-client@4.5.14-4.redhat_00012.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"product": {
"name": "eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"product_id": "eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wsdl4j@1.6.3-5.redhat_00008.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-openjdk-orb@10.1.0-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan@14.0.30-2.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"product": {
"name": "eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"product_id": "eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.3-9.GA_redhat_00004.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb@4.0.5-2.redhat_00001.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-mod_cluster@2.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"product_id": "eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-neethi@3.2.0-1.redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.1.0-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hal-console@3.6.19-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"product_id": "eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-velocity@2.3.0-3.redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"product_id": "eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-velocity-engine-core@2.3.0-3.redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron@2.2.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron-tool@2.2.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-discovery-client@1.3.0-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"product": {
"name": "eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"product_id": "eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j@3.0.3-1.redhat_00008.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"product": {
"name": "eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"product_id": "eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-bindings@3.0.3-1.redhat_00008.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"product": {
"name": "eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"product_id": "eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-policy@3.0.3-1.redhat_00008.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"product_id": "eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-common@3.0.3-1.redhat_00008.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"product_id": "eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-dom@3.0.3-1.redhat_00008.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"product_id": "eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-policy-stax@3.0.3-1.redhat_00008.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"product_id": "eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-stax@3.0.3-1.redhat_00008.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-bouncycastle@1.78.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-bouncycastle-jmail@1.78.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-bouncycastle-pg@1.78.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-bouncycastle-pkix@1.78.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-bouncycastle-prov@1.78.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-bouncycastle-util@1.78.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-sshd@2.12.1-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"product_id": "eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jasypt@1.9.3-4.redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.4-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.4-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.4-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.4-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-caffeine@3.1.8-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j@0.8.11-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j-dom@0.8.11-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j-storage@0.8.11-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-angus-mail@2.0.3-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"product_id": "eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-java-classmate@1.5.1-3.redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-mail@2.1.3-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-joda-time@2.12.7-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"product_id": "eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-xml-security@3.0.4-1.redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-guava-failureaccess@1.0.2-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jsf-impl@4.0.7-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy@6.2.7-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-atom-provider@6.2.7-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-cdi@6.2.7-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-client@6.2.7-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-client-api@6.2.7-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-core@6.2.7-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-core-spi@6.2.7-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-crypto@6.2.7-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-jackson2-provider@6.2.7-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-jaxb-provider@6.2.7-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-jsapi@6.2.7-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-json-binding-provider@6.2.7-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-json-p-provider@6.2.7-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-multipart-provider@6.2.7-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-rxjava2@6.2.7-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-validator-provider@6.2.7-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-yasson@3.0.3-3.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-stax2-api@4.2.2-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty@4.1.108-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-buffer@4.1.108-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec@4.1.108-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-dns@4.1.108-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-http@4.1.108-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-socks@4.1.108-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-common@4.1.108-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-handler@4.1.108-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-handler-proxy@4.1.108-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-resolver@4.1.108-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-resolver-dns@4.1.108-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport@4.1.108-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-classes-epoll@4.1.108-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-unix-common@4.1.108-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"product_id": "eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.15.0-6.redhat_00016.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"product_id": "eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-cli@1.4.0-2.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"product_id": "eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-angus-activation@2.0.1-3.redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"product_id": "eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-httpcomponents-asyncclient@4.1.5-3.redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-reactivex-rxjava@3.1.8-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.21.0-5.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.21.0-5.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.21.0-5.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.21.0-5.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.21.0-5.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.21.0-5.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.21.0-5.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.21.0-5.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.21.0-5.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.21.0-5.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.21.0-5.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.21.0-5.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.21.0-5.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.21.0-5.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-server@2.21.0-5.redhat_00052.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-websocket-api@2.1.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-websocket-client-api@2.1.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-xnio-transport@0.1.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-metadata@16.0.0-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-metadata-appclient@16.0.0-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-metadata-common@16.0.0-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-metadata-ear@16.0.0-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-metadata-ejb@16.0.0-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-metadata-web@16.0.0-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-weld-core@5.1.2-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-weld-core-impl@5.1.2-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-weld-core-jsf@5.1.2-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-weld-ejb@5.1.2-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-weld-jta@5.1.2-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-weld-lite-extension-translator@5.1.2-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-weld-web@5.1.2-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-xjc-utils@4.0.0-5.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"product_id": "eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cxf-xjc-boolean@4.0.0-5.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"product_id": "eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cxf-xjc-bug986@4.0.0-5.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"product_id": "eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cxf-xjc-dv@4.0.0-5.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"product_id": "eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cxf-xjc-runtime@4.0.0-5.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"product_id": "eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cxf-xjc-ts@4.0.0-5.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml@4.2.0-4.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-core@4.2.0-4.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-profile-api@4.2.0-4.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-saml-api@4.2.0-4.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-saml-impl@4.2.0-4.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-security-api@4.2.0-4.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-security-impl@4.2.0-4.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-soap-api@4.2.0-4.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-api@4.2.0-4.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-impl@4.2.0-4.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-saml-api@4.2.0-4.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-saml-impl@4.2.0-4.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xmlsec-api@4.2.0-4.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xmlsec-impl@4.2.0-4.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hornetq@2.4.9-4.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hornetq-commons@2.4.9-4.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hornetq-core-client@2.4.9-4.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hornetq-jakarta-client@2.4.9-4.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-json-api@2.1.3-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-parsson@1.1.5-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-xml-bind-api@4.0.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.13-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j-api@2.0.13-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"product_id": "eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-api@6.0.0-5.redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-byte-buddy@1.14.18-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-guava@33.0.0-1.jre_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-guava-libraries@33.0.0-1.jre_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jandex@3.0.8-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"product": {
"name": "eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"product_id": "eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-httpcomponents-core@4.4.16-4.redhat_00010.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"product_id": "eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-beanutils@1.9.4-13.redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.3.0-2.GA_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.3.0-2.GA_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"product": {
"name": "eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"product_id": "eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-httpcomponents-client@4.5.14-4.redhat_00012.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"product": {
"name": "eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"product_id": "eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wsdl4j@1.6.3-5.redhat_00008.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-openjdk-orb@10.1.0-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan@14.0.30-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-cachestore-jdbc-common-jakarta@14.0.30-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-cachestore-jdbc-jakarta@14.0.30-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-cachestore-remote@14.0.30-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-cdi-common-jakarta@14.0.30-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-cdi-embedded-jakarta@14.0.30-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-cdi-remote-jakarta@14.0.30-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-client-hotrod-jakarta@14.0.30-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-clustered-counter@14.0.30-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-clustered-lock@14.0.30-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-commons-jakarta@14.0.30-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-component-annotations@14.0.30-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-core-jakarta@14.0.30-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-hibernate-cache-commons@14.0.30-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-hibernate-cache-spi@14.0.30-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-hibernate-cache-v62@14.0.30-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-objectfilter@14.0.30-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-query@14.0.30-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-query-core@14.0.30-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-query-dsl@14.0.30-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-remote-query-client@14.0.30-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"product_id": "eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.3-9.GA_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.3-9.GA_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.3-9.GA_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.0.3-9.GA_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-codemodel@4.0.5-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb@4.0.5-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb-core@4.0.5-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb-jxc@4.0.5-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb-runtime@4.0.5-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb-xjc@4.0.5-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-relaxng-datatype@4.0.5-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-rngom@4.0.5-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-txw2@4.0.5-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-xsom@4.0.5-2.redhat_00001.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"product": {
"name": "eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"product_id": "eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.108-1.Final_redhat_00001.1.el8eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"product": {
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"product_id": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll-debuginfo@4.1.108-1.Final_redhat_00001.1.el8eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src"
},
"product_reference": "eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src"
},
"product_reference": "eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src"
},
"product_reference": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src"
},
"product_reference": "eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch"
},
"product_reference": "eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src"
},
"product_reference": "eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch"
},
"product_reference": "eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src"
},
"product_reference": "eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src"
},
"product_reference": "eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src"
},
"product_reference": "eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src"
},
"product_reference": "eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src"
},
"product_reference": "eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64"
},
"product_reference": "eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64"
},
"product_reference": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src"
},
"product_reference": "eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src"
},
"product_reference": "eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch"
},
"product_reference": "eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src"
},
"product_reference": "eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch"
},
"product_reference": "eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src"
},
"product_reference": "eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch"
},
"product_reference": "eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch"
},
"product_reference": "eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src"
},
"product_reference": "eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-28752",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-03-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270732"
}
],
"notes": [
{
"category": "description",
"text": "A server-side request forgery (SSRF) vulnerability was found in Apache CXF. This issue occurs in attacks on webservices that take at least one parameter of any type, and when Aegisdatabind is used. Users of other data bindings including the default databinding are not impacted.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as an Important impact due to the fact this requires Aegis databind, which is not the default databinding for Apache CXF.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch"
],
"known_not_affected": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28752"
},
{
"category": "external",
"summary": "RHBZ#2270732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270732"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28752",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28752"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-qmgx-j96g-4428",
"url": "https://github.com/advisories/GHSA-qmgx-j96g-4428"
}
],
"release_date": "2024-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:11:43+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5479"
},
{
"category": "workaround",
"details": "No mitigation is currently available for this vulnerability. Please make sure to update as the fixes become available.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding"
},
{
"cve": "CVE-2024-29025",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2272907"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until it can decode a field, allowing data to accumulate without limits. This flaw allows an attacker to cause a denial of service by sending a chunked post consisting of many small fields that will be accumulated in the bodyListHttpData list.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http: Allocation of Resources Without Limits or Throttling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in io.netty:netty-codec-http, allowing for Allocation of Resources Without Limits or Throttling issues, is assessed as moderate severity due to its potential impact on system availability and performance. By exploiting the flaw in HttpPostRequestDecoder, an attacker can craft chunked POST requests with numerous small fields, causing excessive accumulation of data in memory buffers. This unrestricted accumulation can lead to significant memory consumption on the server, potentially exhausting available resources and resulting in denial of service (DoS) conditions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch"
],
"known_not_affected": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29025"
},
{
"category": "external",
"summary": "RHBZ#2272907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025"
},
{
"category": "external",
"summary": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3",
"url": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c",
"url": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812",
"url": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812"
}
],
"release_date": "2024-03-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:11:43+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5479"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-http: Allocation of Resources Without Limits or Throttling"
},
{
"cve": "CVE-2024-29371",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-17T16:01:18.173727+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important as it can lead to a Denial of Service in applications that process untrusted JSON Web Encryption tokens. An attacker can craft a malicious JWE token with an exceptionally high compression ratio, causing excessive memory allocation and processing time during decompression in affected components like jose4j. This affects products such as Red Hat AMQ, Enterprise Application Platform (EAP 8.0.z, 8.1.z), Red Hat JBoss Fuse, JBoss Data Grid, OpenShift Developer Tools \u0026 Services, Red Hat build of Apache Camel, Red Hat Integration, Red Hat OpenShift Dev Spaces, Red Hat Process Automation Manager, Red Hat Single Sign-On (RH-SSO), Insights, cloud.redhat.com, and OpenShift Serverless.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "RHBZ#2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack",
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"release_date": "2025-12-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:11:43+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5479"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression"
},
{
"cve": "CVE-2024-29857",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-06-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293028"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Bouncy Castle. An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java). Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch"
],
"known_not_affected": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29857"
},
{
"category": "external",
"summary": "RHBZ#2293028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293028"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29857"
}
],
"release_date": "2024-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:11:43+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5479"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service"
},
{
"acknowledgments": [
{
"names": [
"Hubert Kario"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2024-30171",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2024-04-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2276360"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Bouncy Castle Java cryptography APIs. Affected versions of the org.bouncycastle:bcprov-jdk18on package are vulnerable to Observable Timing Discrepancy via the PKCS#1 1.5 and OAEP decryption process (a.k.a. Marvin Attack). An attacker can recover cipher-texts via a side-channel attack by exploiting the Marvin security flaw. The PKCS#1 1.5 attack vector leaks data via javax.crypto.Cipher exceptions and the OAEP interface vector leaks via the bit size of the decrypted data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch"
],
"known_not_affected": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-30171"
},
{
"category": "external",
"summary": "RHBZ#2276360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276360"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-30171",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30171"
},
{
"category": "external",
"summary": "https://people.redhat.com/~hkario/marvin/",
"url": "https://people.redhat.com/~hkario/marvin/"
}
],
"release_date": "2024-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:11:43+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5479"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)"
},
{
"cve": "CVE-2024-30172",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-06-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293025"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Bouncy Castle Java Cryptography APIs. Affected versions of this package are vulnerable to an Infinite loop issue in ED25519 verification in the ScalarUtil class. This flaw allows an attacker to send a malicious signature and public key to trigger a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch"
],
"known_not_affected": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-30172"
},
{
"category": "external",
"summary": "RHBZ#2293025",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293025"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-30172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30172"
},
{
"category": "external",
"summary": "https://www.bouncycastle.org/latest_releases.html",
"url": "https://www.bouncycastle.org/latest_releases.html"
}
],
"release_date": "2024-05-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:11:43+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5479"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class"
}
]
}
RHSA-2024:5481
Vulnerability from csaf_redhat - Published: 2024-08-15 20:11 - Updated: 2026-05-05 03:16Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.3 Security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.2, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.3 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding [eap-8.0.z] (CVE-2024-28752)
* org.bouncycastle-bcprov-jdk18on: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack) [eap-8.0.z] (CVE-2024-30171)
* netty-codec-http: Allocation of Resources Without Limits or Throttling [eap-8.0.z] (CVE-2024-29025)
* org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class [eap-8.0.z] (CVE-2024-30172)
* org.bouncycastle:bcprov-jdk18on: org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service [eap-8.0.z] (CVE-2024-29857)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A server-side request forgery (SSRF) vulnerability was found in Apache CXF. This issue occurs in attacks on webservices that take at least one parameter of any type, and when Aegisdatabind is used. Users of other data bindings including the default databinding are not impacted.
7.4 (High)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:5481
Workaround
No mitigation is currently available for this vulnerability. Please make sure to update as the fixes become available.
A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until it can decode a field, allowing data to accumulate without limits. This flaw allows an attacker to cause a denial of service by sending a chunked post consisting of many small fields that will be accumulated in the bodyListHttpData list.
5.3 (Medium)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:5481
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.
7.5 (High)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:5481
A vulnerability was found in Bouncy Castle. An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java). Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.
6.5 (Medium)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:5481
A flaw was found in the Bouncy Castle Java cryptography APIs. Affected versions of the org.bouncycastle:bcprov-jdk18on package are vulnerable to Observable Timing Discrepancy via the PKCS#1 1.5 and OAEP decryption process (a.k.a. Marvin Attack). An attacker can recover cipher-texts via a side-channel attack by exploiting the Marvin security flaw. The PKCS#1 1.5 attack vector leaks data via javax.crypto.Cipher exceptions and the OAEP interface vector leaks via the bit size of the decrypted data.
5.9 (Medium)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:5481
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Bouncy Castle Java Cryptography APIs. Affected versions of this package are vulnerable to an Infinite loop issue in ED25519 verification in the ScalarUtil class. This flaw allows an attacker to send a malicious signature and public key to trigger a denial of service.
7.5 (High)
Vendor Fix
Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:5481
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
Red Hat
Hubert Kario
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.2, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.3 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding [eap-8.0.z] (CVE-2024-28752)\n\n* org.bouncycastle-bcprov-jdk18on: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack) [eap-8.0.z] (CVE-2024-30171)\n\n* netty-codec-http: Allocation of Resources Without Limits or Throttling [eap-8.0.z] (CVE-2024-29025)\n\n* org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class [eap-8.0.z] (CVE-2024-30172)\n\n* org.bouncycastle:bcprov-jdk18on: org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service [eap-8.0.z] (CVE-2024-29857)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:5481",
"url": "https://access.redhat.com/errata/RHSA-2024:5481"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/"
},
{
"category": "external",
"summary": "2270732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270732"
},
{
"category": "external",
"summary": "2272907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
},
{
"category": "external",
"summary": "2276360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276360"
},
{
"category": "external",
"summary": "2293025",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293025"
},
{
"category": "external",
"summary": "2293028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293028"
},
{
"category": "external",
"summary": "JBEAP-25224",
"url": "https://issues.redhat.com/browse/JBEAP-25224"
},
{
"category": "external",
"summary": "JBEAP-26018",
"url": "https://issues.redhat.com/browse/JBEAP-26018"
},
{
"category": "external",
"summary": "JBEAP-26696",
"url": "https://issues.redhat.com/browse/JBEAP-26696"
},
{
"category": "external",
"summary": "JBEAP-26790",
"url": "https://issues.redhat.com/browse/JBEAP-26790"
},
{
"category": "external",
"summary": "JBEAP-26791",
"url": "https://issues.redhat.com/browse/JBEAP-26791"
},
{
"category": "external",
"summary": "JBEAP-26793",
"url": "https://issues.redhat.com/browse/JBEAP-26793"
},
{
"category": "external",
"summary": "JBEAP-26802",
"url": "https://issues.redhat.com/browse/JBEAP-26802"
},
{
"category": "external",
"summary": "JBEAP-26816",
"url": "https://issues.redhat.com/browse/JBEAP-26816"
},
{
"category": "external",
"summary": "JBEAP-26823",
"url": "https://issues.redhat.com/browse/JBEAP-26823"
},
{
"category": "external",
"summary": "JBEAP-26843",
"url": "https://issues.redhat.com/browse/JBEAP-26843"
},
{
"category": "external",
"summary": "JBEAP-26886",
"url": "https://issues.redhat.com/browse/JBEAP-26886"
},
{
"category": "external",
"summary": "JBEAP-26932",
"url": "https://issues.redhat.com/browse/JBEAP-26932"
},
{
"category": "external",
"summary": "JBEAP-26948",
"url": "https://issues.redhat.com/browse/JBEAP-26948"
},
{
"category": "external",
"summary": "JBEAP-26961",
"url": "https://issues.redhat.com/browse/JBEAP-26961"
},
{
"category": "external",
"summary": "JBEAP-26962",
"url": "https://issues.redhat.com/browse/JBEAP-26962"
},
{
"category": "external",
"summary": "JBEAP-26966",
"url": "https://issues.redhat.com/browse/JBEAP-26966"
},
{
"category": "external",
"summary": "JBEAP-26986",
"url": "https://issues.redhat.com/browse/JBEAP-26986"
},
{
"category": "external",
"summary": "JBEAP-27002",
"url": "https://issues.redhat.com/browse/JBEAP-27002"
},
{
"category": "external",
"summary": "JBEAP-27019",
"url": "https://issues.redhat.com/browse/JBEAP-27019"
},
{
"category": "external",
"summary": "JBEAP-27055",
"url": "https://issues.redhat.com/browse/JBEAP-27055"
},
{
"category": "external",
"summary": "JBEAP-27090",
"url": "https://issues.redhat.com/browse/JBEAP-27090"
},
{
"category": "external",
"summary": "JBEAP-27192",
"url": "https://issues.redhat.com/browse/JBEAP-27192"
},
{
"category": "external",
"summary": "JBEAP-27194",
"url": "https://issues.redhat.com/browse/JBEAP-27194"
},
{
"category": "external",
"summary": "JBEAP-27261",
"url": "https://issues.redhat.com/browse/JBEAP-27261"
},
{
"category": "external",
"summary": "JBEAP-27262",
"url": "https://issues.redhat.com/browse/JBEAP-27262"
},
{
"category": "external",
"summary": "JBEAP-27327",
"url": "https://issues.redhat.com/browse/JBEAP-27327"
},
{
"category": "external",
"summary": "JBEAP-27356",
"url": "https://issues.redhat.com/browse/JBEAP-27356"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_5481.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.3 Security update",
"tracking": {
"current_release_date": "2026-05-05T03:16:25+00:00",
"generator": {
"date": "2026-05-05T03:16:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2024:5481",
"initial_release_date": "2024-08-15T20:11:37+00:00",
"revision_history": [
{
"date": "2024-08-15T20:11:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-08-15T20:11:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T03:16:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.0 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"product": {
"name": "eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"product_id": "eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j@3.0.3-1.redhat_00008.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"product": {
"name": "eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"product_id": "eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-neethi@3.2.0-1.redhat_00004.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"product_id": "eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.1.0-1.Final_redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-mod_cluster@2.0.3-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hal-console@3.6.19-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"product": {
"name": "eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"product_id": "eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-velocity@2.3.0-3.redhat_00009.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron@2.2.6-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-discovery@1.3.0-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-bouncycastle@1.78.1-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"product_id": "eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-sshd@2.12.1-2.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.4-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-angus@2.0.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"product_id": "eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-caffeine@3.1.8-2.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"product": {
"name": "eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"product_id": "eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jasypt@1.9.3-4.redhat_00004.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j@0.8.11-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-mail@2.1.3-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"product": {
"name": "eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"product_id": "eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-java-classmate@1.5.1-3.redhat_00004.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jsf-impl@4.0.7-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-guava-failureaccess@1.0.2-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-joda-time@2.12.7-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"product": {
"name": "eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"product_id": "eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-xml-security@3.0.4-1.redhat_00005.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"product_id": "eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy@6.2.7-2.Final_redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty@4.1.108-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-stax2-api@4.2.2-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src",
"product_id": "eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-yasson@3.0.3-3.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"product_id": "eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.15.0-6.redhat_00016.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"product_id": "eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-cli@1.4.0-2.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"product": {
"name": "eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"product_id": "eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-angus-activation@2.0.1-3.redhat_00006.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"product": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"product_id": "eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-httpcomponents-asyncclient@4.1.5-3.redhat_00005.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-reactivex-rxjava@3.1.8-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"product": {
"name": "eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"product_id": "eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.21.0-5.redhat_00052.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-websocket@2.1.1-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-xnio-transport@0.1.10-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-metadata@16.0.0-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"product_id": "eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hornetq@2.4.9-4.Final_redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"product": {
"name": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"product_id": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-xjc-utils@4.0.0-5.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"product_id": "eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml@4.2.0-4.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-weld-core@5.1.2-2.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-json-api@2.1.3-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"product_id": "eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-parsson@1.1.5-2.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-xml-bind-api@4.0.1-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.108-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"product_id": "eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-beanutils@1.9.4-13.redhat_00004.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"product": {
"name": "eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"product_id": "eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wsdl4j@1.6.3-5.redhat_00008.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"product": {
"name": "eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"product_id": "eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-httpcomponents-client@4.5.14-4.redhat_00012.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"product_id": "eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.3.0-2.GA_redhat_00004.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-openjdk-orb@10.1.0-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan@14.0.30-2.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"product": {
"name": "eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"product_id": "eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.3-9.GA_redhat_00004.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"product": {
"name": "eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"product_id": "eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-api@6.0.0-5.redhat_00006.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jandex@3.0.8-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-byte-buddy@1.14.18-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"product_id": "eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-guava-libraries@33.0.0-1.jre_redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.13-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"product": {
"name": "eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"product_id": "eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-httpcomponents-core@4.4.16-4.redhat_00010.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb@4.0.5-2.redhat_00001.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"product": {
"name": "eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"product_id": "eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j@3.0.3-1.redhat_00008.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"product": {
"name": "eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"product_id": "eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-bindings@3.0.3-1.redhat_00008.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"product": {
"name": "eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"product_id": "eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-policy@3.0.3-1.redhat_00008.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"product_id": "eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-common@3.0.3-1.redhat_00008.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"product_id": "eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-dom@3.0.3-1.redhat_00008.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"product_id": "eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-policy-stax@3.0.3-1.redhat_00008.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"product": {
"name": "eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"product_id": "eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wss4j-ws-security-stax@3.0.3-1.redhat_00008.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"product": {
"name": "eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"product_id": "eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-neethi@3.2.0-1.redhat_00004.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.1.0-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-mod_cluster@2.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hal-console@3.6.19-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"product": {
"name": "eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"product_id": "eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-velocity@2.3.0-3.redhat_00009.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"product": {
"name": "eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"product_id": "eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-velocity-engine-core@2.3.0-3.redhat_00009.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron@2.2.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron-tool@2.2.6-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-discovery-client@1.3.0-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-bouncycastle@1.78.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-bouncycastle-jmail@1.78.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-bouncycastle-pg@1.78.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-bouncycastle-pkix@1.78.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-bouncycastle-prov@1.78.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-bouncycastle-util@1.78.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-sshd@2.12.1-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.4-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.4-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.4-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.4-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-angus-mail@2.0.3-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-caffeine@3.1.8-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"product": {
"name": "eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"product_id": "eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jasypt@1.9.3-4.redhat_00004.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j@0.8.11-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j-dom@0.8.11-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-mime4j-storage@0.8.11-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-mail@2.1.3-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"product": {
"name": "eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"product_id": "eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-java-classmate@1.5.1-3.redhat_00004.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jsf-impl@4.0.7-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-guava-failureaccess@1.0.2-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-joda-time@2.12.7-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"product_id": "eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-xml-security@3.0.4-1.redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy@6.2.7-2.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-atom-provider@6.2.7-2.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-cdi@6.2.7-2.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-client@6.2.7-2.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-client-api@6.2.7-2.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-core@6.2.7-2.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-core-spi@6.2.7-2.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-crypto@6.2.7-2.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-jackson2-provider@6.2.7-2.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-jaxb-provider@6.2.7-2.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-jsapi@6.2.7-2.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-json-binding-provider@6.2.7-2.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-json-p-provider@6.2.7-2.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-multipart-provider@6.2.7-2.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-rxjava2@6.2.7-2.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-validator-provider@6.2.7-2.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty@4.1.108-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-buffer@4.1.108-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec@4.1.108-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-dns@4.1.108-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-http@4.1.108-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-socks@4.1.108-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-common@4.1.108-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-handler@4.1.108-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-handler-proxy@4.1.108-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-resolver@4.1.108-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-resolver-dns@4.1.108-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport@4.1.108-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-classes-epoll@4.1.108-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-unix-common@4.1.108-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-stax2-api@4.2.2-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-yasson@3.0.3-3.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"product_id": "eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.15.0-6.redhat_00016.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"product_id": "eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-cli@1.4.0-2.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"product_id": "eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-angus-activation@2.0.1-3.redhat_00006.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"product_id": "eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-httpcomponents-asyncclient@4.1.5-3.redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-reactivex-rxjava@3.1.8-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.21.0-5.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.21.0-5.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.21.0-5.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.21.0-5.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.21.0-5.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.21.0-5.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.21.0-5.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.21.0-5.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.21.0-5.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.21.0-5.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.21.0-5.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.21.0-5.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.21.0-5.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.21.0-5.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-server@2.21.0-5.redhat_00052.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-websocket-api@2.1.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-websocket-client-api@2.1.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-xnio-transport@0.1.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-metadata@16.0.0-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-metadata-appclient@16.0.0-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-metadata-common@16.0.0-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-metadata-ear@16.0.0-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-metadata-ejb@16.0.0-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-metadata-web@16.0.0-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hornetq@2.4.9-4.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hornetq-commons@2.4.9-4.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hornetq-core-client@2.4.9-4.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hornetq-jakarta-client@2.4.9-4.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-xjc-utils@4.0.0-5.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"product_id": "eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cxf-xjc-boolean@4.0.0-5.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"product_id": "eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cxf-xjc-bug986@4.0.0-5.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"product_id": "eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cxf-xjc-dv@4.0.0-5.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"product_id": "eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cxf-xjc-runtime@4.0.0-5.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"product_id": "eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cxf-xjc-ts@4.0.0-5.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml@4.2.0-4.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-core@4.2.0-4.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-profile-api@4.2.0-4.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-saml-api@4.2.0-4.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-saml-impl@4.2.0-4.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-security-api@4.2.0-4.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-security-impl@4.2.0-4.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-soap-api@4.2.0-4.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-api@4.2.0-4.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-impl@4.2.0-4.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-saml-api@4.2.0-4.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xacml-saml-impl@4.2.0-4.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xmlsec-api@4.2.0-4.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-opensaml-xmlsec-impl@4.2.0-4.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-weld-core@5.1.2-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-weld-core-impl@5.1.2-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-weld-core-jsf@5.1.2-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-weld-ejb@5.1.2-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-weld-jta@5.1.2-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-weld-lite-extension-translator@5.1.2-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-weld-web@5.1.2-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-json-api@2.1.3-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-parsson@1.1.5-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-xml-bind-api@4.0.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"product_id": "eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-beanutils@1.9.4-13.redhat_00004.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"product": {
"name": "eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"product_id": "eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wsdl4j@1.6.3-5.redhat_00008.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"product": {
"name": "eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"product_id": "eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-httpcomponents-client@4.5.14-4.redhat_00012.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.3.0-2.GA_redhat_00004.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.3.0-2.GA_redhat_00004.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-openjdk-orb@10.1.0-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan@14.0.30-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-cachestore-jdbc-common-jakarta@14.0.30-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-cachestore-jdbc-jakarta@14.0.30-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-cachestore-remote@14.0.30-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-cdi-common-jakarta@14.0.30-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-cdi-embedded-jakarta@14.0.30-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-cdi-remote-jakarta@14.0.30-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-client-hotrod-jakarta@14.0.30-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-clustered-counter@14.0.30-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-clustered-lock@14.0.30-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-commons-jakarta@14.0.30-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-component-annotations@14.0.30-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-core-jakarta@14.0.30-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-hibernate-cache-commons@14.0.30-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-hibernate-cache-spi@14.0.30-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-hibernate-cache-v62@14.0.30-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-objectfilter@14.0.30-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-query@14.0.30-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-query-core@14.0.30-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-query-dsl@14.0.30-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-infinispan-remote-query-client@14.0.30-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"product_id": "eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.3-9.GA_redhat_00004.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.3-9.GA_redhat_00004.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.3-9.GA_redhat_00004.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.0.3-9.GA_redhat_00004.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"product_id": "eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-api@6.0.0-5.redhat_00006.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jandex@3.0.8-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-byte-buddy@1.14.18-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-guava@33.0.0-1.jre_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-guava-libraries@33.0.0-1.jre_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.13-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j-api@2.0.13-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"product": {
"name": "eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"product_id": "eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-httpcomponents-core@4.4.16-4.redhat_00010.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-codemodel@4.0.5-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb@4.0.5-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb-core@4.0.5-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb-jxc@4.0.5-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb-runtime@4.0.5-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb-xjc@4.0.5-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-relaxng-datatype@4.0.5-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-rngom@4.0.5-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-txw2@4.0.5-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-xsom@4.0.5-2.redhat_00001.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"product_id": "eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.108-1.Final_redhat_00001.1.el9eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"product_id": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll-debuginfo@4.1.108-1.Final_redhat_00001.1.el9eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src"
},
"product_reference": "eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src"
},
"product_reference": "eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src"
},
"product_reference": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src"
},
"product_reference": "eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch"
},
"product_reference": "eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src"
},
"product_reference": "eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch"
},
"product_reference": "eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src"
},
"product_reference": "eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src"
},
"product_reference": "eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch"
},
"product_reference": "eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src"
},
"product_reference": "eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch"
},
"product_reference": "eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src"
},
"product_reference": "eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch"
},
"product_reference": "eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src"
},
"product_reference": "eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch"
},
"product_reference": "eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src"
},
"product_reference": "eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch"
},
"product_reference": "eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src"
},
"product_reference": "eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch"
},
"product_reference": "eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src"
},
"product_reference": "eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch"
},
"product_reference": "eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src"
},
"product_reference": "eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch"
},
"product_reference": "eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch"
},
"product_reference": "eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch"
},
"product_reference": "eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src"
},
"product_reference": "eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-28752",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-03-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270732"
}
],
"notes": [
{
"category": "description",
"text": "A server-side request forgery (SSRF) vulnerability was found in Apache CXF. This issue occurs in attacks on webservices that take at least one parameter of any type, and when Aegisdatabind is used. Users of other data bindings including the default databinding are not impacted.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as an Important impact due to the fact this requires Aegis databind, which is not the default databinding for Apache CXF.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch"
],
"known_not_affected": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28752"
},
{
"category": "external",
"summary": "RHBZ#2270732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270732"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28752",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28752"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-qmgx-j96g-4428",
"url": "https://github.com/advisories/GHSA-qmgx-j96g-4428"
}
],
"release_date": "2024-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:11:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5481"
},
{
"category": "workaround",
"details": "No mitigation is currently available for this vulnerability. Please make sure to update as the fixes become available.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding"
},
{
"cve": "CVE-2024-29025",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2272907"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until it can decode a field, allowing data to accumulate without limits. This flaw allows an attacker to cause a denial of service by sending a chunked post consisting of many small fields that will be accumulated in the bodyListHttpData list.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http: Allocation of Resources Without Limits or Throttling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in io.netty:netty-codec-http, allowing for Allocation of Resources Without Limits or Throttling issues, is assessed as moderate severity due to its potential impact on system availability and performance. By exploiting the flaw in HttpPostRequestDecoder, an attacker can craft chunked POST requests with numerous small fields, causing excessive accumulation of data in memory buffers. This unrestricted accumulation can lead to significant memory consumption on the server, potentially exhausting available resources and resulting in denial of service (DoS) conditions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29025"
},
{
"category": "external",
"summary": "RHBZ#2272907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025"
},
{
"category": "external",
"summary": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3",
"url": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c",
"url": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812",
"url": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812"
}
],
"release_date": "2024-03-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:11:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5481"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-http: Allocation of Resources Without Limits or Throttling"
},
{
"cve": "CVE-2024-29371",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-17T16:01:18.173727+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important as it can lead to a Denial of Service in applications that process untrusted JSON Web Encryption tokens. An attacker can craft a malicious JWE token with an exceptionally high compression ratio, causing excessive memory allocation and processing time during decompression in affected components like jose4j. This affects products such as Red Hat AMQ, Enterprise Application Platform (EAP 8.0.z, 8.1.z), Red Hat JBoss Fuse, JBoss Data Grid, OpenShift Developer Tools \u0026 Services, Red Hat build of Apache Camel, Red Hat Integration, Red Hat OpenShift Dev Spaces, Red Hat Process Automation Manager, Red Hat Single Sign-On (RH-SSO), Insights, cloud.redhat.com, and OpenShift Serverless.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "RHBZ#2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack",
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"release_date": "2025-12-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:11:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5481"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression"
},
{
"cve": "CVE-2024-29857",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293028"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Bouncy Castle. An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java). Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29857"
},
{
"category": "external",
"summary": "RHBZ#2293028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293028"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29857"
}
],
"release_date": "2024-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:11:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5481"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service"
},
{
"acknowledgments": [
{
"names": [
"Hubert Kario"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2024-30171",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2024-04-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2276360"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Bouncy Castle Java cryptography APIs. Affected versions of the org.bouncycastle:bcprov-jdk18on package are vulnerable to Observable Timing Discrepancy via the PKCS#1 1.5 and OAEP decryption process (a.k.a. Marvin Attack). An attacker can recover cipher-texts via a side-channel attack by exploiting the Marvin security flaw. The PKCS#1 1.5 attack vector leaks data via javax.crypto.Cipher exceptions and the OAEP interface vector leaks via the bit size of the decrypted data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-30171"
},
{
"category": "external",
"summary": "RHBZ#2276360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276360"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-30171",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30171"
},
{
"category": "external",
"summary": "https://people.redhat.com/~hkario/marvin/",
"url": "https://people.redhat.com/~hkario/marvin/"
}
],
"release_date": "2024-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:11:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5481"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)"
},
{
"cve": "CVE-2024-30172",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293025"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Bouncy Castle Java Cryptography APIs. Affected versions of this package are vulnerable to an Infinite loop issue in ED25519 verification in the ScalarUtil class. This flaw allows an attacker to send a malicious signature and public key to trigger a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-30172"
},
{
"category": "external",
"summary": "RHBZ#2293025",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293025"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-30172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30172"
},
{
"category": "external",
"summary": "https://www.bouncycastle.org/latest_releases.html",
"url": "https://www.bouncycastle.org/latest_releases.html"
}
],
"release_date": "2024-05-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-15T20:11:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5481"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.21.0-5.redhat_00052.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.21.0-5.redhat_00052.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-0:2.0.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-angus-activation-0:2.0.1-3.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-angus-mail-0:2.0.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-beanutils-0:1.9.4-13.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-cli-0:1.4.0-2.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.15.0-6.redhat_00016.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-0:0.8.11-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-mime4j-dom-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-mime4j-storage-0:0.8.11-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-sshd-0:2.12.1-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-0:1.78.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-bouncycastle-jmail-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pg-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-pkix-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-prov-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-bouncycastle-util-0:1.78.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-byte-buddy-0:1.14.18-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-caffeine-0:3.1.8-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-codemodel-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-boolean-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-bug986-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-dv-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-runtime-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cxf-xjc-ts-0:4.0.0-5.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.3.0-2.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.3.0-2.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-failureaccess-0:1.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-guava-libraries-0:33.0.0-1.jre_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hal-console-0:3.6.19-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-0:2.4.9-4.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hornetq-commons-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-core-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hornetq-jakarta-client-0:2.4.9-4.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-asyncclient-0:4.1.5-3.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-client-0:4.5.14-4.redhat_00012.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-httpcomponents-core-0:4.4.16-4.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-0:14.0.30-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-jdbc-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cachestore-remote-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-common-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-embedded-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-cdi-remote-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-client-hotrod-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-counter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-clustered-lock-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-commons-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-component-annotations-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-core-jakarta-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-commons-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-spi-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-hibernate-cache-v62-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-objectfilter-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-core-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-query-dsl-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-infinispan-remote-query-client-0:14.0.30-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-json-api-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-mail-0:2.1.3-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-api-0:6.0.0-5.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-0:2.1.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-websocket-client-api-0:2.1.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-xml-bind-api-0:4.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jandex-0:3.0.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jasypt-0:1.9.3-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-java-classmate-0:1.5.1-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-0:4.0.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jaxb-core-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-jxc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-runtime-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jaxb-xjc-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-0:16.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-metadata-appclient-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-common-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ear-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-ejb-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-metadata-web-0:16.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-openjdk-orb-0:10.1.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jbossws-cxf-0:7.1.0-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-joda-time-0:2.12.7-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jsf-impl-0:4.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-mod_cluster-0:2.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-neethi-0:3.2.0-1.redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-buffer-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-http-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-codec-socks-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-handler-proxy-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-resolver-dns-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-classes-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-epoll-debuginfo-0:4.1.108-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-netty-transport-native-unix-common-0:4.1.108-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-netty-xnio-transport-0:0.1.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-0:4.2.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-opensaml-core-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-profile-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-security-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-soap-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xacml-saml-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-api-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-opensaml-xmlsec-impl-0:4.2.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-parsson-0:1.1.5-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-reactivex-rxjava-0:3.1.8-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-relaxng-datatype-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-0:6.2.7-2.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-atom-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-cdi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-client-api-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-core-spi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-crypto-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jackson2-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jaxb-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-jsapi-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-binding-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-json-p-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-multipart-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-rxjava2-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-validator-provider-0:6.2.7-2.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-rngom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.13-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.13-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-stax2-api-0:4.2.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-txw2-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-velocity-0:2.3.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-velocity-engine-core-0:2.3.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-0:5.1.2-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-weld-core-impl-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-core-jsf-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-ejb-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-jta-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-lite-extension-translator-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-weld-web-0:5.1.2-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.3-9.GA_redhat_00004.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-0:1.3.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-discovery-client-0:1.3.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-0:2.2.6-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-elytron-tool-0:2.2.6-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.3-9.GA_redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wsdl4j-0:1.6.3-5.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-0:3.0.3-1.redhat_00008.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wss4j-bindings-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-policy-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-common-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-dom-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-policy-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wss4j-ws-security-stax-0:3.0.3-1.redhat_00008.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-xml-security-0:3.0.4-1.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-xsom-0:4.0.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-yasson-0:3.0.3-3.redhat_00002.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class"
}
]
}
RHSA-2026:10199
Vulnerability from csaf_redhat - Published: 2026-04-23 16:00 - Updated: 2026-05-05 03:16Summary
Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.21 security update.
Severity
Important
Notes
Topic: An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.21.
Details: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.21 security update.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.
7.5 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.21 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10199
A flaw was found in Jenkins. This vulnerability, identified as a stored cross-site scripting (XSS) issue, occurs because Jenkins does not properly escape the user-provided description for the "Mark temporarily offline" cause. An attacker with Agent/Configure or Agent/Disconnect permissions can exploit this to inject malicious scripts, leading to potential information disclosure or unauthorized actions within the user's browser.
4.6 (Medium)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.21 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10199
A flaw was found in Jenkins. An attacker with Item/Build and Item/Configure permissions can exploit this vulnerability by submitting Run Parameter values that refer to builds they do not have authorization to access. This allows the attacker to obtain sensitive information, including the existence of jobs, the existence of builds, and the display names of specific builds. This is an information disclosure vulnerability.
4.3 (Medium)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.21 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10199
A flaw was found in Jenkins. This vulnerability allows attackers with Item/Configure permission, or those who can control agent processes, to exploit unsafe handling of symbolic links during the extraction of .tar and .tar.gz archives. By crafting malicious archives, an attacker can write files to arbitrary locations on the filesystem. This could enable the deployment of malicious scripts or plugins on the Jenkins controller, potentially leading to unauthorized code execution.
8.8 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.21 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10199
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.21.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.21 security update.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:10199",
"url": "https://access.redhat.com/errata/RHSA-2026:10199"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-29371",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27099",
"url": "https://access.redhat.com/security/cve/CVE-2026-27099"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27100",
"url": "https://access.redhat.com/security/cve/CVE-2026-27100"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33001",
"url": "https://access.redhat.com/security/cve/CVE-2026-33001"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/openshift_container_platform/4.21/html/jenkins",
"url": "https://docs.redhat.com/en/documentation/openshift_container_platform/4.21/html/jenkins"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_10199.json"
}
],
"title": "Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.21 security update.",
"tracking": {
"current_release_date": "2026-05-05T03:16:31+00:00",
"generator": {
"date": "2026-05-05T03:16:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:10199",
"initial_release_date": "2026-04-23T16:00:39+00:00",
"revision_history": [
{
"date": "2026-04-23T16:00:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-23T16:00:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T03:16:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services 4.21",
"product": {
"name": "OpenShift Developer Tools and Services 4.21",
"product_id": "OpenShift Developer Tools and Services 4.21",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.21::el9"
}
}
}
],
"category": "product_family",
"name": "OpenShift Developer Tools and Services"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3A960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3A0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3A486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97?arch=arm64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3A1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4?arch=arm64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3Aa41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190?arch=ppc64le\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3Aab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454?arch=ppc64le\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3Acef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96?arch=s390x\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3Ab453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7?arch=s390x\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64 as a component of OpenShift Developer Tools and Services 4.21",
"product_id": "OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.21"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64 as a component of OpenShift Developer Tools and Services 4.21",
"product_id": "OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.21"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le as a component of OpenShift Developer Tools and Services 4.21",
"product_id": "OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.21"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x as a component of OpenShift Developer Tools and Services 4.21",
"product_id": "OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.21"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64 as a component of OpenShift Developer Tools and Services 4.21",
"product_id": "OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.21"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64 as a component of OpenShift Developer Tools and Services 4.21",
"product_id": "OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.21"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le as a component of OpenShift Developer Tools and Services 4.21",
"product_id": "OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.21"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x as a component of OpenShift Developer Tools and Services 4.21",
"product_id": "OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.21"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29371",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-17T16:01:18.173727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important as it can lead to a Denial of Service in applications that process untrusted JSON Web Encryption tokens. An attacker can craft a malicious JWE token with an exceptionally high compression ratio, causing excessive memory allocation and processing time during decompression in affected components like jose4j. This affects products such as Red Hat AMQ, Enterprise Application Platform (EAP 8.0.z, 8.1.z), Red Hat JBoss Fuse, JBoss Data Grid, OpenShift Developer Tools \u0026 Services, Red Hat build of Apache Camel, Red Hat Integration, Red Hat OpenShift Dev Spaces, Red Hat Process Automation Manager, Red Hat Single Sign-On (RH-SSO), Insights, cloud.redhat.com, and OpenShift Serverless.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "RHBZ#2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack",
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"release_date": "2025-12-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T16:00:39+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.21 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10199"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression"
},
{
"cve": "CVE-2026-27099",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-02-18T15:02:52.012661+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440638"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. This vulnerability, identified as a stored cross-site scripting (XSS) issue, occurs because Jenkins does not properly escape the user-provided description for the \"Mark temporarily offline\" cause. An attacker with Agent/Configure or Agent/Disconnect permissions can exploit this to inject malicious scripts, leading to potential information disclosure or unauthorized actions within the user\u0027s browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jenkins-ci.main/jenkins-core: Jenkins: Stored Cross-site Scripting (XSS) via unescaped user-provided offline cause description",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Jenkins allows authenticated attackers with Agent/Configure or Agent/Disconnect permissions to inject malicious scripts into the \"Mark temporarily offline\" cause description. This stored cross-site scripting (XSS) flaw can lead to information disclosure or unauthorized actions within a user\u0027s browser when viewing the affected description. Red Hat OpenShift Developer Tools \u0026 Services are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27099"
},
{
"category": "external",
"summary": "RHBZ#2440638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440638"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27099",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27099"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27099",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27099"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3669",
"url": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3669"
}
],
"release_date": "2026-02-18T14:17:43.911000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T16:00:39+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.21 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10199"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jenkins-ci.main/jenkins-core: Jenkins: Stored Cross-site Scripting (XSS) via unescaped user-provided offline cause description"
},
{
"cve": "CVE-2026-27100",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-02-18T15:02:47.032150+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440637"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. An attacker with Item/Build and Item/Configure permissions can exploit this vulnerability by submitting Run Parameter values that refer to builds they do not have authorization to access. This allows the attacker to obtain sensitive information, including the existence of jobs, the existence of builds, and the display names of specific builds. This is an information disclosure vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jenkins-ci.main/jenkins-core: Jenkins: Information disclosure via unauthorized access to build parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This information disclosure vulnerability in Jenkins allows an attacker with Item/Build and Item/Configure permissions to gain knowledge about the existence and display names of jobs and builds they are not authorized to access. This affects Jenkins instances in OpenShift Developer Tools \u0026 Services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27100"
},
{
"category": "external",
"summary": "RHBZ#2440637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27100",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27100"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27100",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27100"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3658",
"url": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3658"
}
],
"release_date": "2026-02-18T14:17:44.672000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T16:00:39+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.21 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10199"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jenkins-ci.main/jenkins-core: Jenkins: Information disclosure via unauthorized access to build parameters"
},
{
"cve": "CVE-2026-33001",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-03-18T16:02:14.310096+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448645"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. This vulnerability allows attackers with Item/Configure permission, or those who can control agent processes, to exploit unsafe handling of symbolic links during the extraction of .tar and .tar.gz archives. By crafting malicious archives, an attacker can write files to arbitrary locations on the filesystem. This could enable the deployment of malicious scripts or plugins on the Jenkins controller, potentially leading to unauthorized code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Jenkins: Arbitrary file write and potential code execution through crafted archives",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33001"
},
{
"category": "external",
"summary": "RHBZ#2448645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33001"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33001",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33001"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3657",
"url": "https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3657"
}
],
"release_date": "2026-03-18T15:15:23.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T16:00:39+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.21 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10199"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.21:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins: Jenkins: Arbitrary file write and potential code execution through crafted archives"
}
]
}
RHSA-2026:10201
Vulnerability from csaf_redhat - Published: 2026-04-23 16:39 - Updated: 2026-05-05 03:16Summary
Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.13 security update.
Severity
Important
Notes
Topic: An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.13.
Details: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.13 security update.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.
7.5 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.13 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10201
A flaw was found in Jenkins. This vulnerability, identified as a stored cross-site scripting (XSS) issue, occurs because Jenkins does not properly escape the user-provided description for the "Mark temporarily offline" cause. An attacker with Agent/Configure or Agent/Disconnect permissions can exploit this to inject malicious scripts, leading to potential information disclosure or unauthorized actions within the user's browser.
4.6 (Medium)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.13 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10201
A flaw was found in Jenkins. An attacker with Item/Build and Item/Configure permissions can exploit this vulnerability by submitting Run Parameter values that refer to builds they do not have authorization to access. This allows the attacker to obtain sensitive information, including the existence of jobs, the existence of builds, and the display names of specific builds. This is an information disclosure vulnerability.
4.3 (Medium)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.13 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10201
A flaw was found in Jenkins. This vulnerability allows attackers with Item/Configure permission, or those who can control agent processes, to exploit unsafe handling of symbolic links during the extraction of .tar and .tar.gz archives. By crafting malicious archives, an attacker can write files to arbitrary locations on the filesystem. This could enable the deployment of malicious scripts or plugins on the Jenkins controller, potentially leading to unauthorized code execution.
8.8 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.13 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10201
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.13.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.13 security update.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:10201",
"url": "https://access.redhat.com/errata/RHSA-2026:10201"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-29371",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27099",
"url": "https://access.redhat.com/security/cve/CVE-2026-27099"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27100",
"url": "https://access.redhat.com/security/cve/CVE-2026-27100"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33001",
"url": "https://access.redhat.com/security/cve/CVE-2026-33001"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html/jenkins",
"url": "https://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html/jenkins"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_10201.json"
}
],
"title": "Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.13 security update.",
"tracking": {
"current_release_date": "2026-05-05T03:16:31+00:00",
"generator": {
"date": "2026-05-05T03:16:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:10201",
"initial_release_date": "2026-04-23T16:39:39+00:00",
"revision_history": [
{
"date": "2026-04-23T16:39:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-23T16:39:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T03:16:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services 4.13",
"product": {
"name": "OpenShift Developer Tools and Services 4.13",
"product_id": "OpenShift Developer Tools and Services 4.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.13::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Developer Tools and Services"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel8@sha256%3Aad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776760341"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel8@sha256%3A8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776764096"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel8@sha256%3A3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230?arch=arm64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776760341"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel8@sha256%3A7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056?arch=ppc64le\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776760341"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel8@sha256%3A3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39?arch=s390x\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776760341"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64 as a component of OpenShift Developer Tools and Services 4.13",
"product_id": "OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x as a component of OpenShift Developer Tools and Services 4.13",
"product_id": "OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le as a component of OpenShift Developer Tools and Services 4.13",
"product_id": "OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64 as a component of OpenShift Developer Tools and Services 4.13",
"product_id": "OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64 as a component of OpenShift Developer Tools and Services 4.13",
"product_id": "OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.13"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29371",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-17T16:01:18.173727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important as it can lead to a Denial of Service in applications that process untrusted JSON Web Encryption tokens. An attacker can craft a malicious JWE token with an exceptionally high compression ratio, causing excessive memory allocation and processing time during decompression in affected components like jose4j. This affects products such as Red Hat AMQ, Enterprise Application Platform (EAP 8.0.z, 8.1.z), Red Hat JBoss Fuse, JBoss Data Grid, OpenShift Developer Tools \u0026 Services, Red Hat build of Apache Camel, Red Hat Integration, Red Hat OpenShift Dev Spaces, Red Hat Process Automation Manager, Red Hat Single Sign-On (RH-SSO), Insights, cloud.redhat.com, and OpenShift Serverless.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "RHBZ#2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack",
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"release_date": "2025-12-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T16:39:39+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.13 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10201"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression"
},
{
"cve": "CVE-2026-27099",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-02-18T15:02:52.012661+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440638"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. This vulnerability, identified as a stored cross-site scripting (XSS) issue, occurs because Jenkins does not properly escape the user-provided description for the \"Mark temporarily offline\" cause. An attacker with Agent/Configure or Agent/Disconnect permissions can exploit this to inject malicious scripts, leading to potential information disclosure or unauthorized actions within the user\u0027s browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jenkins-ci.main/jenkins-core: Jenkins: Stored Cross-site Scripting (XSS) via unescaped user-provided offline cause description",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Jenkins allows authenticated attackers with Agent/Configure or Agent/Disconnect permissions to inject malicious scripts into the \"Mark temporarily offline\" cause description. This stored cross-site scripting (XSS) flaw can lead to information disclosure or unauthorized actions within a user\u0027s browser when viewing the affected description. Red Hat OpenShift Developer Tools \u0026 Services are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27099"
},
{
"category": "external",
"summary": "RHBZ#2440638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440638"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27099",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27099"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27099",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27099"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3669",
"url": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3669"
}
],
"release_date": "2026-02-18T14:17:43.911000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T16:39:39+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.13 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10201"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jenkins-ci.main/jenkins-core: Jenkins: Stored Cross-site Scripting (XSS) via unescaped user-provided offline cause description"
},
{
"cve": "CVE-2026-27100",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-02-18T15:02:47.032150+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440637"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. An attacker with Item/Build and Item/Configure permissions can exploit this vulnerability by submitting Run Parameter values that refer to builds they do not have authorization to access. This allows the attacker to obtain sensitive information, including the existence of jobs, the existence of builds, and the display names of specific builds. This is an information disclosure vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jenkins-ci.main/jenkins-core: Jenkins: Information disclosure via unauthorized access to build parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This information disclosure vulnerability in Jenkins allows an attacker with Item/Build and Item/Configure permissions to gain knowledge about the existence and display names of jobs and builds they are not authorized to access. This affects Jenkins instances in OpenShift Developer Tools \u0026 Services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27100"
},
{
"category": "external",
"summary": "RHBZ#2440637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27100",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27100"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27100",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27100"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3658",
"url": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3658"
}
],
"release_date": "2026-02-18T14:17:44.672000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T16:39:39+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.13 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10201"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jenkins-ci.main/jenkins-core: Jenkins: Information disclosure via unauthorized access to build parameters"
},
{
"cve": "CVE-2026-33001",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-03-18T16:02:14.310096+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448645"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. This vulnerability allows attackers with Item/Configure permission, or those who can control agent processes, to exploit unsafe handling of symbolic links during the extraction of .tar and .tar.gz archives. By crafting malicious archives, an attacker can write files to arbitrary locations on the filesystem. This could enable the deployment of malicious scripts or plugins on the Jenkins controller, potentially leading to unauthorized code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Jenkins: Arbitrary file write and potential code execution through crafted archives",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33001"
},
{
"category": "external",
"summary": "RHBZ#2448645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33001"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33001",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33001"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3657",
"url": "https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3657"
}
],
"release_date": "2026-03-18T15:15:23.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T16:39:39+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.13 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10201"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"OpenShift Developer Tools and Services 4.13:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:8b5e1f1b924de7b31a2856c84548a1369b433170205175ce65faa0d61aaae0a7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins: Jenkins: Arbitrary file write and potential code execution through crafted archives"
}
]
}
RHSA-2026:10215
Vulnerability from csaf_redhat - Published: 2026-04-23 17:30 - Updated: 2026-05-05 03:16Summary
Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.18 security update.
Severity
Important
Notes
Topic: An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.18.
Details: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.18 security update.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.
7.5 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.18 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10215
A flaw was found in Jenkins. This vulnerability, identified as a stored cross-site scripting (XSS) issue, occurs because Jenkins does not properly escape the user-provided description for the "Mark temporarily offline" cause. An attacker with Agent/Configure or Agent/Disconnect permissions can exploit this to inject malicious scripts, leading to potential information disclosure or unauthorized actions within the user's browser.
4.6 (Medium)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.18 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10215
A flaw was found in Jenkins. An attacker with Item/Build and Item/Configure permissions can exploit this vulnerability by submitting Run Parameter values that refer to builds they do not have authorization to access. This allows the attacker to obtain sensitive information, including the existence of jobs, the existence of builds, and the display names of specific builds. This is an information disclosure vulnerability.
4.3 (Medium)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.18 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10215
A flaw was found in Jenkins. This vulnerability allows attackers with Item/Configure permission, or those who can control agent processes, to exploit unsafe handling of symbolic links during the extraction of .tar and .tar.gz archives. By crafting malicious archives, an attacker can write files to arbitrary locations on the filesystem. This could enable the deployment of malicious scripts or plugins on the Jenkins controller, potentially leading to unauthorized code execution.
8.8 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.18 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10215
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.18.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.18 security update.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:10215",
"url": "https://access.redhat.com/errata/RHSA-2026:10215"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-29371",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27099",
"url": "https://access.redhat.com/security/cve/CVE-2026-27099"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27100",
"url": "https://access.redhat.com/security/cve/CVE-2026-27100"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33001",
"url": "https://access.redhat.com/security/cve/CVE-2026-33001"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/jenkins",
"url": "https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/jenkins"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_10215.json"
}
],
"title": "Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.18 security update.",
"tracking": {
"current_release_date": "2026-05-05T03:16:34+00:00",
"generator": {
"date": "2026-05-05T03:16:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:10215",
"initial_release_date": "2026-04-23T17:30:01+00:00",
"revision_history": [
{
"date": "2026-04-23T17:30:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-23T17:30:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T03:16:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services 4.18",
"product": {
"name": "OpenShift Developer Tools and Services 4.18",
"product_id": "OpenShift Developer Tools and Services 4.18",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.18::el9"
}
}
}
],
"category": "product_family",
"name": "OpenShift Developer Tools and Services"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3A960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3A0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3A486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97?arch=arm64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3A1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4?arch=arm64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3Aa41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190?arch=ppc64le\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3Aab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454?arch=ppc64le\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3Acef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96?arch=s390x\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3Ab453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7?arch=s390x\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64 as a component of OpenShift Developer Tools and Services 4.18",
"product_id": "OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64 as a component of OpenShift Developer Tools and Services 4.18",
"product_id": "OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le as a component of OpenShift Developer Tools and Services 4.18",
"product_id": "OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x as a component of OpenShift Developer Tools and Services 4.18",
"product_id": "OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64 as a component of OpenShift Developer Tools and Services 4.18",
"product_id": "OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64 as a component of OpenShift Developer Tools and Services 4.18",
"product_id": "OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le as a component of OpenShift Developer Tools and Services 4.18",
"product_id": "OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x as a component of OpenShift Developer Tools and Services 4.18",
"product_id": "OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.18"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29371",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-17T16:01:18.173727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important as it can lead to a Denial of Service in applications that process untrusted JSON Web Encryption tokens. An attacker can craft a malicious JWE token with an exceptionally high compression ratio, causing excessive memory allocation and processing time during decompression in affected components like jose4j. This affects products such as Red Hat AMQ, Enterprise Application Platform (EAP 8.0.z, 8.1.z), Red Hat JBoss Fuse, JBoss Data Grid, OpenShift Developer Tools \u0026 Services, Red Hat build of Apache Camel, Red Hat Integration, Red Hat OpenShift Dev Spaces, Red Hat Process Automation Manager, Red Hat Single Sign-On (RH-SSO), Insights, cloud.redhat.com, and OpenShift Serverless.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "RHBZ#2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack",
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"release_date": "2025-12-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:30:01+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.18 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10215"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression"
},
{
"cve": "CVE-2026-27099",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-02-18T15:02:52.012661+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440638"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. This vulnerability, identified as a stored cross-site scripting (XSS) issue, occurs because Jenkins does not properly escape the user-provided description for the \"Mark temporarily offline\" cause. An attacker with Agent/Configure or Agent/Disconnect permissions can exploit this to inject malicious scripts, leading to potential information disclosure or unauthorized actions within the user\u0027s browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jenkins-ci.main/jenkins-core: Jenkins: Stored Cross-site Scripting (XSS) via unescaped user-provided offline cause description",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Jenkins allows authenticated attackers with Agent/Configure or Agent/Disconnect permissions to inject malicious scripts into the \"Mark temporarily offline\" cause description. This stored cross-site scripting (XSS) flaw can lead to information disclosure or unauthorized actions within a user\u0027s browser when viewing the affected description. Red Hat OpenShift Developer Tools \u0026 Services are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27099"
},
{
"category": "external",
"summary": "RHBZ#2440638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440638"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27099",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27099"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27099",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27099"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3669",
"url": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3669"
}
],
"release_date": "2026-02-18T14:17:43.911000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:30:01+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.18 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10215"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jenkins-ci.main/jenkins-core: Jenkins: Stored Cross-site Scripting (XSS) via unescaped user-provided offline cause description"
},
{
"cve": "CVE-2026-27100",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-02-18T15:02:47.032150+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440637"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. An attacker with Item/Build and Item/Configure permissions can exploit this vulnerability by submitting Run Parameter values that refer to builds they do not have authorization to access. This allows the attacker to obtain sensitive information, including the existence of jobs, the existence of builds, and the display names of specific builds. This is an information disclosure vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jenkins-ci.main/jenkins-core: Jenkins: Information disclosure via unauthorized access to build parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This information disclosure vulnerability in Jenkins allows an attacker with Item/Build and Item/Configure permissions to gain knowledge about the existence and display names of jobs and builds they are not authorized to access. This affects Jenkins instances in OpenShift Developer Tools \u0026 Services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27100"
},
{
"category": "external",
"summary": "RHBZ#2440637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27100",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27100"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27100",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27100"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3658",
"url": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3658"
}
],
"release_date": "2026-02-18T14:17:44.672000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:30:01+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.18 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10215"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jenkins-ci.main/jenkins-core: Jenkins: Information disclosure via unauthorized access to build parameters"
},
{
"cve": "CVE-2026-33001",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-03-18T16:02:14.310096+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448645"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. This vulnerability allows attackers with Item/Configure permission, or those who can control agent processes, to exploit unsafe handling of symbolic links during the extraction of .tar and .tar.gz archives. By crafting malicious archives, an attacker can write files to arbitrary locations on the filesystem. This could enable the deployment of malicious scripts or plugins on the Jenkins controller, potentially leading to unauthorized code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Jenkins: Arbitrary file write and potential code execution through crafted archives",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33001"
},
{
"category": "external",
"summary": "RHBZ#2448645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33001"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33001",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33001"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3657",
"url": "https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3657"
}
],
"release_date": "2026-03-18T15:15:23.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:30:01+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.18 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10215"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.18:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins: Jenkins: Arbitrary file write and potential code execution through crafted archives"
}
]
}
RHSA-2026:10211
Vulnerability from csaf_redhat - Published: 2026-04-23 17:21 - Updated: 2026-05-05 03:16Summary
Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.14 security update.
Severity
Important
Notes
Topic: An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.14.
Details: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.14 security update.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.
7.5 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.14 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10211
A flaw was found in Jenkins. This vulnerability, identified as a stored cross-site scripting (XSS) issue, occurs because Jenkins does not properly escape the user-provided description for the "Mark temporarily offline" cause. An attacker with Agent/Configure or Agent/Disconnect permissions can exploit this to inject malicious scripts, leading to potential information disclosure or unauthorized actions within the user's browser.
4.6 (Medium)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.14 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10211
A flaw was found in Jenkins. An attacker with Item/Build and Item/Configure permissions can exploit this vulnerability by submitting Run Parameter values that refer to builds they do not have authorization to access. This allows the attacker to obtain sensitive information, including the existence of jobs, the existence of builds, and the display names of specific builds. This is an information disclosure vulnerability.
4.3 (Medium)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.14 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10211
A flaw was found in Jenkins. This vulnerability allows attackers with Item/Configure permission, or those who can control agent processes, to exploit unsafe handling of symbolic links during the extraction of .tar and .tar.gz archives. By crafting malicious archives, an attacker can write files to arbitrary locations on the filesystem. This could enable the deployment of malicious scripts or plugins on the Jenkins controller, potentially leading to unauthorized code execution.
8.8 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.14 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10211
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.14.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.14 security update.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:10211",
"url": "https://access.redhat.com/errata/RHSA-2026:10211"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-29371",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27099",
"url": "https://access.redhat.com/security/cve/CVE-2026-27099"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27100",
"url": "https://access.redhat.com/security/cve/CVE-2026-27100"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33001",
"url": "https://access.redhat.com/security/cve/CVE-2026-33001"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html/jenkins",
"url": "https://docs.redhat.com/en/documentation/openshift_container_platform/4.14/html/jenkins"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_10211.json"
}
],
"title": "Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.14 security update.",
"tracking": {
"current_release_date": "2026-05-05T03:16:33+00:00",
"generator": {
"date": "2026-05-05T03:16:33+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:10211",
"initial_release_date": "2026-04-23T17:21:09+00:00",
"revision_history": [
{
"date": "2026-04-23T17:21:09+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-23T17:21:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T03:16:33+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services 4.14",
"product": {
"name": "OpenShift Developer Tools and Services 4.14",
"product_id": "OpenShift Developer Tools and Services 4.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.14::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Developer Tools and Services"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel8@sha256%3Aad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776760341"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel8@sha256%3A5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776762347"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel8@sha256%3A3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230?arch=arm64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776760341"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel8@sha256%3Aec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae?arch=arm64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776762347"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel8@sha256%3A7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056?arch=ppc64le\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776760341"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel8@sha256%3A02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c?arch=ppc64le\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776762347"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel8@sha256%3A3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39?arch=s390x\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776760341"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel8@sha256%3Afa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8?arch=s390x\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776762347"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64 as a component of OpenShift Developer Tools and Services 4.14",
"product_id": "OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x as a component of OpenShift Developer Tools and Services 4.14",
"product_id": "OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le as a component of OpenShift Developer Tools and Services 4.14",
"product_id": "OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64 as a component of OpenShift Developer Tools and Services 4.14",
"product_id": "OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le as a component of OpenShift Developer Tools and Services 4.14",
"product_id": "OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64 as a component of OpenShift Developer Tools and Services 4.14",
"product_id": "OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64 as a component of OpenShift Developer Tools and Services 4.14",
"product_id": "OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x as a component of OpenShift Developer Tools and Services 4.14",
"product_id": "OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29371",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-17T16:01:18.173727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important as it can lead to a Denial of Service in applications that process untrusted JSON Web Encryption tokens. An attacker can craft a malicious JWE token with an exceptionally high compression ratio, causing excessive memory allocation and processing time during decompression in affected components like jose4j. This affects products such as Red Hat AMQ, Enterprise Application Platform (EAP 8.0.z, 8.1.z), Red Hat JBoss Fuse, JBoss Data Grid, OpenShift Developer Tools \u0026 Services, Red Hat build of Apache Camel, Red Hat Integration, Red Hat OpenShift Dev Spaces, Red Hat Process Automation Manager, Red Hat Single Sign-On (RH-SSO), Insights, cloud.redhat.com, and OpenShift Serverless.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "RHBZ#2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack",
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"release_date": "2025-12-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:21:09+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.14 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10211"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression"
},
{
"cve": "CVE-2026-27099",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-02-18T15:02:52.012661+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440638"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. This vulnerability, identified as a stored cross-site scripting (XSS) issue, occurs because Jenkins does not properly escape the user-provided description for the \"Mark temporarily offline\" cause. An attacker with Agent/Configure or Agent/Disconnect permissions can exploit this to inject malicious scripts, leading to potential information disclosure or unauthorized actions within the user\u0027s browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jenkins-ci.main/jenkins-core: Jenkins: Stored Cross-site Scripting (XSS) via unescaped user-provided offline cause description",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Jenkins allows authenticated attackers with Agent/Configure or Agent/Disconnect permissions to inject malicious scripts into the \"Mark temporarily offline\" cause description. This stored cross-site scripting (XSS) flaw can lead to information disclosure or unauthorized actions within a user\u0027s browser when viewing the affected description. Red Hat OpenShift Developer Tools \u0026 Services are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27099"
},
{
"category": "external",
"summary": "RHBZ#2440638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440638"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27099",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27099"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27099",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27099"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3669",
"url": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3669"
}
],
"release_date": "2026-02-18T14:17:43.911000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:21:09+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.14 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10211"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jenkins-ci.main/jenkins-core: Jenkins: Stored Cross-site Scripting (XSS) via unescaped user-provided offline cause description"
},
{
"cve": "CVE-2026-27100",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-02-18T15:02:47.032150+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440637"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. An attacker with Item/Build and Item/Configure permissions can exploit this vulnerability by submitting Run Parameter values that refer to builds they do not have authorization to access. This allows the attacker to obtain sensitive information, including the existence of jobs, the existence of builds, and the display names of specific builds. This is an information disclosure vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jenkins-ci.main/jenkins-core: Jenkins: Information disclosure via unauthorized access to build parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This information disclosure vulnerability in Jenkins allows an attacker with Item/Build and Item/Configure permissions to gain knowledge about the existence and display names of jobs and builds they are not authorized to access. This affects Jenkins instances in OpenShift Developer Tools \u0026 Services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27100"
},
{
"category": "external",
"summary": "RHBZ#2440637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27100",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27100"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27100",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27100"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3658",
"url": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3658"
}
],
"release_date": "2026-02-18T14:17:44.672000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:21:09+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.14 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10211"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jenkins-ci.main/jenkins-core: Jenkins: Information disclosure via unauthorized access to build parameters"
},
{
"cve": "CVE-2026-33001",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-03-18T16:02:14.310096+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448645"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. This vulnerability allows attackers with Item/Configure permission, or those who can control agent processes, to exploit unsafe handling of symbolic links during the extraction of .tar and .tar.gz archives. By crafting malicious archives, an attacker can write files to arbitrary locations on the filesystem. This could enable the deployment of malicious scripts or plugins on the Jenkins controller, potentially leading to unauthorized code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Jenkins: Arbitrary file write and potential code execution through crafted archives",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33001"
},
{
"category": "external",
"summary": "RHBZ#2448645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33001"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33001",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33001"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3657",
"url": "https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3657"
}
],
"release_date": "2026-03-18T15:15:23.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:21:09+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.14 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10211"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3959cf6c1b1b5e7b2c33ef49ebe1e99dfce7e10ad14ea0c948c3365249f85230_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:3c83e451aa4a676671e22a6c91539311d04677601978d35032bce45e10c63a39_s390x",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:7bff04aabb5d39075f92b8e65d2cfebc02cfd80488037685654a1e1cbf0b2056_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8@sha256:ad63a7e895c432b05a4fab3357cf1a8ab8c99a1f6bc1e86abd2c67f4f1e9a872_amd64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:02c954e1692ff2ce7c85c1505fe48e65b2b21b2f368d514fca86343f4f96cd7c_ppc64le",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:5957dae25e049ae63fd5112da7436c9c1b0a6deefe5ebc6ae11b4e78c75cfe3d_amd64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:ec218eaf3b8668c6473232a695ce742b8b8dc57274ec5fc727c996df812d5aae_arm64",
"OpenShift Developer Tools and Services 4.14:registry.redhat.io/ocp-tools-4/jenkins-rhel8@sha256:fa8f511929707eed40f5d9baf9ca89dfb8d46913746f2c0e4bd97d0b02d5d2b8_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins: Jenkins: Arbitrary file write and potential code execution through crafted archives"
}
]
}
RHSA-2026:10205
Vulnerability from csaf_redhat - Published: 2026-04-23 17:06 - Updated: 2026-05-05 03:16Summary
Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.20 security update.
Severity
Important
Notes
Topic: An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.20.
Details: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.20 security update.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.
7.5 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.20 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10205
A flaw was found in Jenkins. This vulnerability, identified as a stored cross-site scripting (XSS) issue, occurs because Jenkins does not properly escape the user-provided description for the "Mark temporarily offline" cause. An attacker with Agent/Configure or Agent/Disconnect permissions can exploit this to inject malicious scripts, leading to potential information disclosure or unauthorized actions within the user's browser.
4.6 (Medium)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.20 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10205
A flaw was found in Jenkins. An attacker with Item/Build and Item/Configure permissions can exploit this vulnerability by submitting Run Parameter values that refer to builds they do not have authorization to access. This allows the attacker to obtain sensitive information, including the existence of jobs, the existence of builds, and the display names of specific builds. This is an information disclosure vulnerability.
4.3 (Medium)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.20 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10205
A flaw was found in Jenkins. This vulnerability allows attackers with Item/Configure permission, or those who can control agent processes, to exploit unsafe handling of symbolic links during the extraction of .tar and .tar.gz archives. By crafting malicious archives, an attacker can write files to arbitrary locations on the filesystem. This could enable the deployment of malicious scripts or plugins on the Jenkins controller, potentially leading to unauthorized code execution.
8.8 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.20 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.
https://access.redhat.com/errata/RHSA-2026:10205
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.20.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.20 security update.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:10205",
"url": "https://access.redhat.com/errata/RHSA-2026:10205"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-29371",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27099",
"url": "https://access.redhat.com/security/cve/CVE-2026-27099"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27100",
"url": "https://access.redhat.com/security/cve/CVE-2026-27100"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33001",
"url": "https://access.redhat.com/security/cve/CVE-2026-33001"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/jenkins",
"url": "https://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/jenkins"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_10205.json"
}
],
"title": "Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.20 security update.",
"tracking": {
"current_release_date": "2026-05-05T03:16:32+00:00",
"generator": {
"date": "2026-05-05T03:16:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:10205",
"initial_release_date": "2026-04-23T17:06:07+00:00",
"revision_history": [
{
"date": "2026-04-23T17:06:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-23T17:06:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T03:16:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services 4.2",
"product": {
"name": "OpenShift Developer Tools and Services 4.2",
"product_id": "OpenShift Developer Tools and Services 4.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.20::el9"
}
}
}
],
"category": "product_family",
"name": "OpenShift Developer Tools and Services"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3A960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3A0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3A486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97?arch=arm64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3A1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4?arch=arm64\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3Aa41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190?arch=ppc64le\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3Aab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454?arch=ppc64le\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel9@sha256%3Acef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96?arch=s390x\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"product": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"product_id": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel9@sha256%3Ab453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7?arch=s390x\u0026repository_url=registry.redhat.io/ocp-tools-4\u0026tag=1776944215"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64 as a component of OpenShift Developer Tools and Services 4.2",
"product_id": "OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64 as a component of OpenShift Developer Tools and Services 4.2",
"product_id": "OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le as a component of OpenShift Developer Tools and Services 4.2",
"product_id": "OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x as a component of OpenShift Developer Tools and Services 4.2",
"product_id": "OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64 as a component of OpenShift Developer Tools and Services 4.2",
"product_id": "OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64 as a component of OpenShift Developer Tools and Services 4.2",
"product_id": "OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le as a component of OpenShift Developer Tools and Services 4.2",
"product_id": "OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x as a component of OpenShift Developer Tools and Services 4.2",
"product_id": "OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
},
"product_reference": "registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x",
"relates_to_product_reference": "OpenShift Developer Tools and Services 4.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29371",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-17T16:01:18.173727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important as it can lead to a Denial of Service in applications that process untrusted JSON Web Encryption tokens. An attacker can craft a malicious JWE token with an exceptionally high compression ratio, causing excessive memory allocation and processing time during decompression in affected components like jose4j. This affects products such as Red Hat AMQ, Enterprise Application Platform (EAP 8.0.z, 8.1.z), Red Hat JBoss Fuse, JBoss Data Grid, OpenShift Developer Tools \u0026 Services, Red Hat build of Apache Camel, Red Hat Integration, Red Hat OpenShift Dev Spaces, Red Hat Process Automation Manager, Red Hat Single Sign-On (RH-SSO), Insights, cloud.redhat.com, and OpenShift Serverless.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "RHBZ#2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack",
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"release_date": "2025-12-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:06:07+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.20 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10205"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression"
},
{
"cve": "CVE-2026-27099",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-02-18T15:02:52.012661+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440638"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. This vulnerability, identified as a stored cross-site scripting (XSS) issue, occurs because Jenkins does not properly escape the user-provided description for the \"Mark temporarily offline\" cause. An attacker with Agent/Configure or Agent/Disconnect permissions can exploit this to inject malicious scripts, leading to potential information disclosure or unauthorized actions within the user\u0027s browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jenkins-ci.main/jenkins-core: Jenkins: Stored Cross-site Scripting (XSS) via unescaped user-provided offline cause description",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Jenkins allows authenticated attackers with Agent/Configure or Agent/Disconnect permissions to inject malicious scripts into the \"Mark temporarily offline\" cause description. This stored cross-site scripting (XSS) flaw can lead to information disclosure or unauthorized actions within a user\u0027s browser when viewing the affected description. Red Hat OpenShift Developer Tools \u0026 Services are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27099"
},
{
"category": "external",
"summary": "RHBZ#2440638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440638"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27099",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27099"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27099",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27099"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3669",
"url": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3669"
}
],
"release_date": "2026-02-18T14:17:43.911000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:06:07+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.20 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10205"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jenkins-ci.main/jenkins-core: Jenkins: Stored Cross-site Scripting (XSS) via unescaped user-provided offline cause description"
},
{
"cve": "CVE-2026-27100",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-02-18T15:02:47.032150+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440637"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. An attacker with Item/Build and Item/Configure permissions can exploit this vulnerability by submitting Run Parameter values that refer to builds they do not have authorization to access. This allows the attacker to obtain sensitive information, including the existence of jobs, the existence of builds, and the display names of specific builds. This is an information disclosure vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.jenkins-ci.main/jenkins-core: Jenkins: Information disclosure via unauthorized access to build parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This information disclosure vulnerability in Jenkins allows an attacker with Item/Build and Item/Configure permissions to gain knowledge about the existence and display names of jobs and builds they are not authorized to access. This affects Jenkins instances in OpenShift Developer Tools \u0026 Services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27100"
},
{
"category": "external",
"summary": "RHBZ#2440637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27100",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27100"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27100",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27100"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3658",
"url": "https://www.jenkins.io/security/advisory/2026-02-18/#SECURITY-3658"
}
],
"release_date": "2026-02-18T14:17:44.672000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:06:07+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.20 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10205"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.jenkins-ci.main/jenkins-core: Jenkins: Information disclosure via unauthorized access to build parameters"
},
{
"cve": "CVE-2026-33001",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-03-18T16:02:14.310096+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448645"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. This vulnerability allows attackers with Item/Configure permission, or those who can control agent processes, to exploit unsafe handling of symbolic links during the extraction of .tar and .tar.gz archives. By crafting malicious archives, an attacker can write files to arbitrary locations on the filesystem. This could enable the deployment of malicious scripts or plugins on the Jenkins controller, potentially leading to unauthorized code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Jenkins: Arbitrary file write and potential code execution through crafted archives",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"known_not_affected": [
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33001"
},
{
"category": "external",
"summary": "RHBZ#2448645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33001"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33001",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33001"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3657",
"url": "https://www.jenkins.io/security/advisory/2026-03-18/#SECURITY-3657"
}
],
"release_date": "2026-03-18T15:15:23.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T17:06:07+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.20 upgrade to the latest. This update includes a newer OpenShift client (oc) version bundled in the image. If your Jenkins pipelines require a specific oc version, configure it explicitly using the Jenkins pipeline tools directive.",
"product_ids": [
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10205"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:486c0dc417df5beebbdb4ee2a017a4d9407c908fe54f490536f01fc15392ca97_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:960e04991a991ed13884d7d8a7fec07700987d506f3abe5d133cea2c540e88bd_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:a41770290a3a672afc88cfae5beb3400efd65cbb0ce6e31375dc72b27c916190_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel9@sha256:cef039248b506b2025c497267785e0580fc41d5648680df0d6b4e80b9a8b8f96_s390x",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:0a28ecee68681bd1cf50af7dfe9e5c4f54243712b02c3fa9871ee53e42782630_amd64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:1002c6e3e9e893c566bc213b0e0bd9a4a2b9fa4f6e233602392577b51a3df2e4_arm64",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:ab75a59f66bebc8f744ab96322366731040091991b02c2273c3e80193ed2b454_ppc64le",
"OpenShift Developer Tools and Services 4.2:registry.redhat.io/ocp-tools-4/jenkins-rhel9@sha256:b453e75ddba6af9e051981f8c0002827b2344e1266036eefa153664fa45d4da7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins: Jenkins: Arbitrary file write and potential code execution through crafted archives"
}
]
}
GSD-2024-29371
Vulnerability from gsd - Updated: 2024-04-02 05:02Details
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-29371"
],
"id": "GSD-2024-29371",
"modified": "2024-04-02T05:02:57.466792Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2024-29371",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
}
}
FKIE_CVE-2024-29371
Vulnerability from fkie_nvd - Published: 2025-12-17 16:16 - Updated: 2026-01-23 20:15
Severity ?
Summary
In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack | Exploit, Issue Tracking, Mitigation | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack | Exploit, Issue Tracking, Mitigation |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jose4j_project | jose4j | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jose4j_project:jose4j:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE62FF6D-FC62-42B0-9ED4-76A0C4419975",
"versionEndExcluding": "0.9.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression."
}
],
"id": "CVE-2024-29371",
"lastModified": "2026-01-23T20:15:51.650",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-12-17T16:16:04.567",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Mitigation"
],
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Issue Tracking",
"Mitigation"
],
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1259"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
cleanstart-2026-ia43044
Vulnerability from cleanstart
Published
2026-04-01 09:30
Modified
2026-03-23 07:56
Summary
Security fixes for CVE-2020-8908, CVE-2022-42889, CVE-2023-2976, CVE-2024-25710, CVE-2024-26308, CVE-2024-29371, CVE-2024-29857, CVE-2024-30171, CVE-2024-31573, CVE-2024-47554, CVE-2025-11143, CVE-2025-12383, CVE-2025-48734, CVE-2025-48924, CVE-2025-58057, CVE-2025-67735, CVE-2025-68161, CVE-2025-8916, CVE-2026-1002, CVE-2026-1605, ghsa-72hv-8253-57qq applied in versions: 0.47.0-r2, 0.47.0-r3
Details
Multiple security vulnerabilities affect the strimzi-kafka-operator package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "strimzi-kafka-operator"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.47.0-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the strimzi-kafka-operator package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-IA43044",
"modified": "2026-03-23T07:56:09Z",
"published": "2026-04-01T09:30:15.088429Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-IA43044.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8908"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-42889"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-2976"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-25710"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-26308"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-29371"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-29857"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-30171"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-31573"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-47554"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-11143"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-12383"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-48734"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-48924"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58057"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-67735"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68161"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-8916"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1002"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1605"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-72hv-8253-57qq"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25710"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26308"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29857"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30171"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31573"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11143"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12383"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48924"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58057"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67735"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68161"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8916"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1002"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1605"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2020-8908, CVE-2022-42889, CVE-2023-2976, CVE-2024-25710, CVE-2024-26308, CVE-2024-29371, CVE-2024-29857, CVE-2024-30171, CVE-2024-31573, CVE-2024-47554, CVE-2025-11143, CVE-2025-12383, CVE-2025-48734, CVE-2025-48924, CVE-2025-58057, CVE-2025-67735, CVE-2025-68161, CVE-2025-8916, CVE-2026-1002, CVE-2026-1605, ghsa-72hv-8253-57qq applied in versions: 0.47.0-r2, 0.47.0-r3",
"upstream": [
"CVE-2020-8908",
"CVE-2022-42889",
"CVE-2023-2976",
"CVE-2024-25710",
"CVE-2024-26308",
"CVE-2024-29371",
"CVE-2024-29857",
"CVE-2024-30171",
"CVE-2024-31573",
"CVE-2024-47554",
"CVE-2025-11143",
"CVE-2025-12383",
"CVE-2025-48734",
"CVE-2025-48924",
"CVE-2025-58057",
"CVE-2025-67735",
"CVE-2025-68161",
"CVE-2025-8916",
"CVE-2026-1002",
"CVE-2026-1605",
"ghsa-72hv-8253-57qq"
]
}
SUSE-SU-2026:1010-1
Vulnerability from csaf_suse - Published: 2026-03-25 10:10 - Updated: 2026-03-25 10:10Summary
Security update 5.0.7 for Multi-Linux Manager Server
Severity
Important
Notes
Title of the patch: Security update 5.0.7 for Multi-Linux Manager Server
Description of the patch: This update fixes the following issues:
branch-network-formula:
- Update to version 1.1.0
* Enable containers on SLE15SP7
* Exclude podman interfaces from sysctl setting
cobbler:
- Compatibility fixes for tftpboot directory setup
inter-server-sync:
- Version 0.3.10-0
* Write log to a rotated file without rsyslog and logrotate
* Recreate cobbler entries on the import (bsc#1220899)
* remove support for 4.2 file based pillars
* use correct hostname detection for 5.x servers
(bsc#1253322)
jose4j:
- CVE-2024-29371: Safeguard against excessive resource utilization by
restricting the size of data during JWE payload decompression (bsc#1255298)
liberate-formula:
- Version 0.1.2
* Add option to prevent logo packages from being installed
spacecmd:
- Version 5.0.15-0
* Fix typo in spacecmd help ca-cert flag (bsc#1253174)
* Convert cached IDs to int (bsc#1251995)
* Fix spacecmd binary file upload (bsc#1253659)
spacewalk-backend:
- Version 5.0.17-0
* Fix reposync mediaproduct fetch when
URL contains auth token (bsc#1252388)
spacewalk-certs-tools:
- Version 5.0.13-0
* Fix bootstrap script for SLM 6.2 (bsc#1257992)
* Fix failing bootstrap with bootstrap script on SLES 16
and SL Micro 6.2 (bsc#1256991)
spacewalk-client-tools:
- Version 5.0.12-0
* Update translation strings
spacewalk-config:
- Version 5.0.9-0
* Enable HSTS in Apache config (bsc#1255176)
* Force SameSite=Lax on all Set-Cookie headers (bsc#1253711)
spacewalk-java:
- Version 5.0.31-0
* Commit DB changes before refreshing pillar for SSH push minions
(bsc#1253712)
* Fix http proxy verification (bsc#1253501)
* Fix: Broken URL in API docs (bsc#1244177)
* Fix crash in ubuntu errata sync on deleted channel ids
(bsc#1250561)
* Fix dnf updateinfo showing wrong severity for
security updates (bsc#1252937)
* Add details on config channels and state order in UI
(bsc#1253285)
* fix reposync crashing at metadata generation (bsc#1257538)
* Block multiple versions of the same package
from being locked (bsc#1246315)
* Use PackageEvr instead of string for fix_version (bsc#1252638)
* Add multi-thread support for message queue (bsc#1247722)
* Fix ungrouped systems list menu item (bsc#1254251)
spacewalk-proxy:
- Version 5.0.8-0
* Disable listing the content of /icons (bsc#1247544)
spacewalk-proxy-installer:
- Version 5.0.3-0
* Configure squid replacement policy properly before cache dir
(bsc#1253773)
spacewalk-web:
- Version 5.0.26-0
* Update web UI dependencies
* Add details on config channels and state order in UI
(bsc#1253285)
susemanager:
- Version 5.0.17-0
* Fix the product ids of client tools channels
* Fixed the package name to correct one (bsc#1255089)
susemanager-build-keys:
- Add openSUSE Backports for SUSE Linux 16 key (bsc#1257255)
susemanager-docs_en:
- Updated the screenshots in multiple sections in Installation and Upgrade Guide
- Reformatted storage-scripts table to use plain paragraphs instead of bullet
lists to fix po4a extraction issue causing missing bullets in CJK translations
- Added a warning for all instances where mgradm upgrade podman is used
- Added section about container-based Kiwi image build support to Administration
guide (bsc#1251865)
- Included global GPG decryption for pillar data in specialized guide
(bsc#1255743)
- CIS removed from list of supported OpenSCAP profiles
- Changes example for the third-party repository GPG keys (bsc#1255857)
- Added SLE16 and openSUSE Leap 16 as supported clients
- Explained how to generate the proxy certificates on a peripheral server
(bsc#1249425)
- Improved procedure formatting for better clarity in Administration Guide
(bsc#1253660)
- Added links to man pages for createrepo_c and reprepro to Administration
Guide (bsc#1237181)
- Added missing options to command example in Installation and Upgrade Guide
(bsc#1252908)
- Added non-SUSE URLs to requirements in installation and Upgrade Guide
(bsc#1252665)
- Fixed typo for command options in Reference Guide (bsc#1253174)
- Added additional step for client deletion in Client Configuration Guide
(bsc#1253249)
- Clarified server config option for spacemd in Refrence Guide (bsc#1253197)
- Changed the installation instructions to use product instead of packages
(bsc#1249041)
susemanager-schema:
- Version 5.0.18-0
* Refactor oval related tables (bsc#1252638)
* Increase size of column 'context' on tables
'suseappstream' and 'suseserverappstream' (bsc#1255653)
* Add leftovers of partially missing ARMHF for Debian (bsc#1248783)
susemanager-sls:
- Version 5.0.21-0
* Fix error on shutdown for sles 12 (bsc#1255634)
* Fix bootstrap for SLM 6.2 and newer (bsc#1257992)
* Make mgr_events salt engine non-blocking on reading events
* Avoid losing the events on DB connection issues (bsc#1252098)
Patchnames: SUSE-2026-1010,SUSE-SUSE-Manager-Proxy-5.0-2026-1010,SUSE-SUSE-Manager-Retail-Branch-Server-5.0-2026-1010,SUSE-SUSE-Manager-Server-5.0-2026-1010
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update 5.0.7 for Multi-Linux Manager Server",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\nbranch-network-formula:\n\n- Update to version 1.1.0 \n * Enable containers on SLE15SP7\n * Exclude podman interfaces from sysctl setting\n\ncobbler:\n\n- Compatibility fixes for tftpboot directory setup\n\ninter-server-sync:\n\n- Version 0.3.10-0\n * Write log to a rotated file without rsyslog and logrotate\n * Recreate cobbler entries on the import (bsc#1220899)\n * remove support for 4.2 file based pillars\n * use correct hostname detection for 5.x servers\n (bsc#1253322)\n\njose4j:\n\n- CVE-2024-29371: Safeguard against excessive resource utilization by\n restricting the size of data during JWE payload decompression (bsc#1255298)\n\nliberate-formula:\n\n- Version 0.1.2\n * Add option to prevent logo packages from being installed \n\nspacecmd:\n\n- Version 5.0.15-0\n * Fix typo in spacecmd help ca-cert flag (bsc#1253174)\n * Convert cached IDs to int (bsc#1251995)\n * Fix spacecmd binary file upload (bsc#1253659)\n\nspacewalk-backend:\n\n- Version 5.0.17-0\n * Fix reposync mediaproduct fetch when\n URL contains auth token (bsc#1252388)\n\nspacewalk-certs-tools:\n\n- Version 5.0.13-0\n * Fix bootstrap script for SLM 6.2 (bsc#1257992)\n * Fix failing bootstrap with bootstrap script on SLES 16\n and SL Micro 6.2 (bsc#1256991)\n\nspacewalk-client-tools:\n\n- Version 5.0.12-0\n * Update translation strings\n\nspacewalk-config:\n\n- Version 5.0.9-0\n * Enable HSTS in Apache config (bsc#1255176)\n * Force SameSite=Lax on all Set-Cookie headers (bsc#1253711)\n\nspacewalk-java:\n\n- Version 5.0.31-0\n * Commit DB changes before refreshing pillar for SSH push minions\n (bsc#1253712)\n * Fix http proxy verification (bsc#1253501)\n * Fix: Broken URL in API docs (bsc#1244177)\n * Fix crash in ubuntu errata sync on deleted channel ids\n (bsc#1250561)\n * Fix dnf updateinfo showing wrong severity for\n security updates (bsc#1252937)\n * Add details on config channels and state order in UI\n (bsc#1253285)\n * fix reposync crashing at metadata generation (bsc#1257538)\n * Block multiple versions of the same package\n from being locked (bsc#1246315)\n * Use PackageEvr instead of string for fix_version (bsc#1252638)\n * Add multi-thread support for message queue (bsc#1247722)\n * Fix ungrouped systems list menu item (bsc#1254251)\n\nspacewalk-proxy:\n\n- Version 5.0.8-0\n * Disable listing the content of /icons (bsc#1247544)\n\nspacewalk-proxy-installer:\n\n- Version 5.0.3-0\n * Configure squid replacement policy properly before cache dir\n (bsc#1253773)\n\nspacewalk-web:\n\n- Version 5.0.26-0\n * Update web UI dependencies\n * Add details on config channels and state order in UI\n (bsc#1253285)\n\nsusemanager:\n\n- Version 5.0.17-0\n * Fix the product ids of client tools channels\n * Fixed the package name to correct one (bsc#1255089)\n\nsusemanager-build-keys:\n\n- Add openSUSE Backports for SUSE Linux 16 key (bsc#1257255)\n\nsusemanager-docs_en:\n\n- Updated the screenshots in multiple sections in Installation and Upgrade Guide\n- Reformatted storage-scripts table to use plain paragraphs instead of bullet\n lists to fix po4a extraction issue causing missing bullets in CJK translations\n- Added a warning for all instances where mgradm upgrade podman is used\n- Added section about container-based Kiwi image build support to Administration\n guide (bsc#1251865)\n- Included global GPG decryption for pillar data in specialized guide\n (bsc#1255743)\n- CIS removed from list of supported OpenSCAP profiles\n- Changes example for the third-party repository GPG keys (bsc#1255857)\n- Added SLE16 and openSUSE Leap 16 as supported clients\n- Explained how to generate the proxy certificates on a peripheral server\n (bsc#1249425)\n- Improved procedure formatting for better clarity in Administration Guide\n (bsc#1253660)\n- Added links to man pages for createrepo_c and reprepro to Administration\n Guide (bsc#1237181)\n- Added missing options to command example in Installation and Upgrade Guide\n (bsc#1252908)\n- Added non-SUSE URLs to requirements in installation and Upgrade Guide\n (bsc#1252665)\n- Fixed typo for command options in Reference Guide (bsc#1253174)\n- Added additional step for client deletion in Client Configuration Guide\n (bsc#1253249)\n- Clarified server config option for spacemd in Refrence Guide (bsc#1253197)\n- Changed the installation instructions to use product instead of packages\n (bsc#1249041) \n\nsusemanager-schema:\n\n- Version 5.0.18-0\n * Refactor oval related tables (bsc#1252638)\n * Increase size of column \u0027context\u0027 on tables\n \u0027suseappstream\u0027 and \u0027suseserverappstream\u0027 (bsc#1255653)\n * Add leftovers of partially missing ARMHF for Debian (bsc#1248783)\n\nsusemanager-sls:\n\n- Version 5.0.21-0\n * Fix error on shutdown for sles 12 (bsc#1255634)\n * Fix bootstrap for SLM 6.2 and newer (bsc#1257992)\n * Make mgr_events salt engine non-blocking on reading events\n * Avoid losing the events on DB connection issues (bsc#1252098)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-1010,SUSE-SUSE-Manager-Proxy-5.0-2026-1010,SUSE-SUSE-Manager-Retail-Branch-Server-5.0-2026-1010,SUSE-SUSE-Manager-Server-5.0-2026-1010",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1010-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:1010-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261010-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:1010-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024920.html"
},
{
"category": "self",
"summary": "SUSE Bug 1220899",
"url": "https://bugzilla.suse.com/1220899"
},
{
"category": "self",
"summary": "SUSE Bug 1237181",
"url": "https://bugzilla.suse.com/1237181"
},
{
"category": "self",
"summary": "SUSE Bug 1244177",
"url": "https://bugzilla.suse.com/1244177"
},
{
"category": "self",
"summary": "SUSE Bug 1246315",
"url": "https://bugzilla.suse.com/1246315"
},
{
"category": "self",
"summary": "SUSE Bug 1247544",
"url": "https://bugzilla.suse.com/1247544"
},
{
"category": "self",
"summary": "SUSE Bug 1247722",
"url": "https://bugzilla.suse.com/1247722"
},
{
"category": "self",
"summary": "SUSE Bug 1248783",
"url": "https://bugzilla.suse.com/1248783"
},
{
"category": "self",
"summary": "SUSE Bug 1249041",
"url": "https://bugzilla.suse.com/1249041"
},
{
"category": "self",
"summary": "SUSE Bug 1249425",
"url": "https://bugzilla.suse.com/1249425"
},
{
"category": "self",
"summary": "SUSE Bug 1250561",
"url": "https://bugzilla.suse.com/1250561"
},
{
"category": "self",
"summary": "SUSE Bug 1251865",
"url": "https://bugzilla.suse.com/1251865"
},
{
"category": "self",
"summary": "SUSE Bug 1251995",
"url": "https://bugzilla.suse.com/1251995"
},
{
"category": "self",
"summary": "SUSE Bug 1252098",
"url": "https://bugzilla.suse.com/1252098"
},
{
"category": "self",
"summary": "SUSE Bug 1252388",
"url": "https://bugzilla.suse.com/1252388"
},
{
"category": "self",
"summary": "SUSE Bug 1252638",
"url": "https://bugzilla.suse.com/1252638"
},
{
"category": "self",
"summary": "SUSE Bug 1252665",
"url": "https://bugzilla.suse.com/1252665"
},
{
"category": "self",
"summary": "SUSE Bug 1252908",
"url": "https://bugzilla.suse.com/1252908"
},
{
"category": "self",
"summary": "SUSE Bug 1252937",
"url": "https://bugzilla.suse.com/1252937"
},
{
"category": "self",
"summary": "SUSE Bug 1253174",
"url": "https://bugzilla.suse.com/1253174"
},
{
"category": "self",
"summary": "SUSE Bug 1253197",
"url": "https://bugzilla.suse.com/1253197"
},
{
"category": "self",
"summary": "SUSE Bug 1253249",
"url": "https://bugzilla.suse.com/1253249"
},
{
"category": "self",
"summary": "SUSE Bug 1253285",
"url": "https://bugzilla.suse.com/1253285"
},
{
"category": "self",
"summary": "SUSE Bug 1253322",
"url": "https://bugzilla.suse.com/1253322"
},
{
"category": "self",
"summary": "SUSE Bug 1253501",
"url": "https://bugzilla.suse.com/1253501"
},
{
"category": "self",
"summary": "SUSE Bug 1253659",
"url": "https://bugzilla.suse.com/1253659"
},
{
"category": "self",
"summary": "SUSE Bug 1253660",
"url": "https://bugzilla.suse.com/1253660"
},
{
"category": "self",
"summary": "SUSE Bug 1253711",
"url": "https://bugzilla.suse.com/1253711"
},
{
"category": "self",
"summary": "SUSE Bug 1253712",
"url": "https://bugzilla.suse.com/1253712"
},
{
"category": "self",
"summary": "SUSE Bug 1253773",
"url": "https://bugzilla.suse.com/1253773"
},
{
"category": "self",
"summary": "SUSE Bug 1254251",
"url": "https://bugzilla.suse.com/1254251"
},
{
"category": "self",
"summary": "SUSE Bug 1255089",
"url": "https://bugzilla.suse.com/1255089"
},
{
"category": "self",
"summary": "SUSE Bug 1255176",
"url": "https://bugzilla.suse.com/1255176"
},
{
"category": "self",
"summary": "SUSE Bug 1255298",
"url": "https://bugzilla.suse.com/1255298"
},
{
"category": "self",
"summary": "SUSE Bug 1255634",
"url": "https://bugzilla.suse.com/1255634"
},
{
"category": "self",
"summary": "SUSE Bug 1255653",
"url": "https://bugzilla.suse.com/1255653"
},
{
"category": "self",
"summary": "SUSE Bug 1255743",
"url": "https://bugzilla.suse.com/1255743"
},
{
"category": "self",
"summary": "SUSE Bug 1255857",
"url": "https://bugzilla.suse.com/1255857"
},
{
"category": "self",
"summary": "SUSE Bug 1256991",
"url": "https://bugzilla.suse.com/1256991"
},
{
"category": "self",
"summary": "SUSE Bug 1257255",
"url": "https://bugzilla.suse.com/1257255"
},
{
"category": "self",
"summary": "SUSE Bug 1257538",
"url": "https://bugzilla.suse.com/1257538"
},
{
"category": "self",
"summary": "SUSE Bug 1257992",
"url": "https://bugzilla.suse.com/1257992"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-29371 page",
"url": "https://www.suse.com/security/cve/CVE-2024-29371/"
}
],
"title": "Security update 5.0.7 for Multi-Linux Manager Server",
"tracking": {
"current_release_date": "2026-03-25T10:10:02Z",
"generator": {
"date": "2026-03-25T10:10:02Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:1010-1",
"initial_release_date": "2026-03-25T10:10:02Z",
"revision_history": [
{
"date": "2026-03-25T10:10:02Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64",
"product": {
"name": "suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64",
"product_id": "suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64",
"product": {
"name": "suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64",
"product_id": "suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64",
"product": {
"name": "suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64",
"product_id": "suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64",
"product": {
"name": "suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64",
"product_id": "suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64",
"product": {
"name": "suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64",
"product_id": "suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-aarch64-server-attestation-image-5.0.7-6.34.5.aarch64",
"product": {
"name": "suse-manager-5.0-aarch64-server-attestation-image-5.0.7-6.34.5.aarch64",
"product_id": "suse-manager-5.0-aarch64-server-attestation-image-5.0.7-6.34.5.aarch64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.aarch64",
"product": {
"name": "suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.aarch64",
"product_id": "suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.aarch64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-aarch64-server-image-5.0.7-7.37.12.aarch64",
"product": {
"name": "suse-manager-5.0-aarch64-server-image-5.0.7-7.37.12.aarch64",
"product_id": "suse-manager-5.0-aarch64-server-image-5.0.7-7.37.12.aarch64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.7-7.30.7.aarch64",
"product": {
"name": "suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.7-7.30.7.aarch64",
"product_id": "suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.7-7.30.7.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le",
"product": {
"name": "suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le",
"product_id": "suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le",
"product": {
"name": "suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le",
"product_id": "suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le",
"product": {
"name": "suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le",
"product_id": "suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le",
"product": {
"name": "suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le",
"product_id": "suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le",
"product": {
"name": "suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le",
"product_id": "suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-ppc64le-server-attestation-image-5.0.7-6.34.5.ppc64le",
"product": {
"name": "suse-manager-5.0-ppc64le-server-attestation-image-5.0.7-6.34.5.ppc64le",
"product_id": "suse-manager-5.0-ppc64le-server-attestation-image-5.0.7-6.34.5.ppc64le"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.7-6.30.7.ppc64le",
"product": {
"name": "suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.7-6.30.7.ppc64le",
"product_id": "suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.7-6.30.7.ppc64le"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-ppc64le-server-image-5.0.7-7.37.12.ppc64le",
"product": {
"name": "suse-manager-5.0-ppc64le-server-image-5.0.7-7.37.12.ppc64le",
"product_id": "suse-manager-5.0-ppc64le-server-image-5.0.7-7.37.12.ppc64le"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.7-7.30.7.ppc64le",
"product": {
"name": "suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.7-7.30.7.ppc64le",
"product_id": "suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.7-7.30.7.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x",
"product": {
"name": "suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x",
"product_id": "suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x",
"product": {
"name": "suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x",
"product_id": "suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x",
"product": {
"name": "suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x",
"product_id": "suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x",
"product": {
"name": "suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x",
"product_id": "suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x",
"product": {
"name": "suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x",
"product_id": "suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-s390x-server-attestation-image-5.0.7-6.34.5.s390x",
"product": {
"name": "suse-manager-5.0-s390x-server-attestation-image-5.0.7-6.34.5.s390x",
"product_id": "suse-manager-5.0-s390x-server-attestation-image-5.0.7-6.34.5.s390x"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.7-6.30.7.s390x",
"product": {
"name": "suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.7-6.30.7.s390x",
"product_id": "suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.7-6.30.7.s390x"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-s390x-server-image-5.0.7-7.37.12.s390x",
"product": {
"name": "suse-manager-5.0-s390x-server-image-5.0.7-7.37.12.s390x",
"product_id": "suse-manager-5.0-s390x-server-image-5.0.7-7.37.12.s390x"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-s390x-server-migration-14-16-image-5.0.7-7.30.7.s390x",
"product": {
"name": "suse-manager-5.0-s390x-server-migration-14-16-image-5.0.7-7.30.7.s390x",
"product_id": "suse-manager-5.0-s390x-server-migration-14-16-image-5.0.7-7.30.7.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64",
"product": {
"name": "suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64",
"product_id": "suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64",
"product": {
"name": "suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64",
"product_id": "suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64",
"product": {
"name": "suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64",
"product_id": "suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64",
"product": {
"name": "suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64",
"product_id": "suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64",
"product": {
"name": "suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64",
"product_id": "suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-x86_64-server-attestation-image-5.0.7-6.34.5.x86_64",
"product": {
"name": "suse-manager-5.0-x86_64-server-attestation-image-5.0.7-6.34.5.x86_64",
"product_id": "suse-manager-5.0-x86_64-server-attestation-image-5.0.7-6.34.5.x86_64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.x86_64",
"product": {
"name": "suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.x86_64",
"product_id": "suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.x86_64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-x86_64-server-image-5.0.7-7.37.12.x86_64",
"product": {
"name": "suse-manager-5.0-x86_64-server-image-5.0.7-7.37.12.x86_64",
"product_id": "suse-manager-5.0-x86_64-server-image-5.0.7-7.37.12.x86_64"
}
},
{
"category": "product_version",
"name": "suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.7-7.30.7.x86_64",
"product": {
"name": "suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.7-7.30.7.x86_64",
"product_id": "suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.7-7.30.7.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Proxy 5.0",
"product": {
"name": "SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:5.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Retail Branch Server Extension 5.0",
"product": {
"name": "SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0"
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 5.0",
"product": {
"name": "SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:5.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64 as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64 as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64 as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64 as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64 as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x"
},
"product_reference": "suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x"
},
"product_reference": "suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x"
},
"product_reference": "suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x"
},
"product_reference": "suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x"
},
"product_reference": "suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64 as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64 as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64 as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64 as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64 as component of SUSE Manager Proxy 5.0",
"product_id": "SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64 as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64 as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64 as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64 as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64 as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x"
},
"product_reference": "suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x"
},
"product_reference": "suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x"
},
"product_reference": "suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x"
},
"product_reference": "suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x"
},
"product_reference": "suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64 as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64 as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64 as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64 as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64 as component of SUSE Manager Retail Branch Server Extension 5.0",
"product_id": "SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-server-attestation-image-5.0.7-6.34.5.aarch64 as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-attestation-image-5.0.7-6.34.5.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-server-attestation-image-5.0.7-6.34.5.aarch64",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.aarch64 as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.aarch64",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-server-image-5.0.7-7.37.12.aarch64 as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-image-5.0.7-7.37.12.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-server-image-5.0.7-7.37.12.aarch64",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.7-7.30.7.aarch64 as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.7-7.30.7.aarch64"
},
"product_reference": "suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.7-7.30.7.aarch64",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-server-attestation-image-5.0.7-6.34.5.ppc64le as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-attestation-image-5.0.7-6.34.5.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-server-attestation-image-5.0.7-6.34.5.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.7-6.30.7.ppc64le as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.7-6.30.7.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.7-6.30.7.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-server-image-5.0.7-7.37.12.ppc64le as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-image-5.0.7-7.37.12.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-server-image-5.0.7-7.37.12.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.7-7.30.7.ppc64le as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.7-7.30.7.ppc64le"
},
"product_reference": "suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.7-7.30.7.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-server-attestation-image-5.0.7-6.34.5.s390x as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-attestation-image-5.0.7-6.34.5.s390x"
},
"product_reference": "suse-manager-5.0-s390x-server-attestation-image-5.0.7-6.34.5.s390x",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.7-6.30.7.s390x as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.7-6.30.7.s390x"
},
"product_reference": "suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.7-6.30.7.s390x",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-server-image-5.0.7-7.37.12.s390x as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-image-5.0.7-7.37.12.s390x"
},
"product_reference": "suse-manager-5.0-s390x-server-image-5.0.7-7.37.12.s390x",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-s390x-server-migration-14-16-image-5.0.7-7.30.7.s390x as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-migration-14-16-image-5.0.7-7.30.7.s390x"
},
"product_reference": "suse-manager-5.0-s390x-server-migration-14-16-image-5.0.7-7.30.7.s390x",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-server-attestation-image-5.0.7-6.34.5.x86_64 as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-attestation-image-5.0.7-6.34.5.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-server-attestation-image-5.0.7-6.34.5.x86_64",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.x86_64 as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.x86_64",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-server-image-5.0.7-7.37.12.x86_64 as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-image-5.0.7-7.37.12.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-server-image-5.0.7-7.37.12.x86_64",
"relates_to_product_reference": "SUSE Manager Server 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.7-7.30.7.x86_64 as component of SUSE Manager Server 5.0",
"product_id": "SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.7-7.30.7.x86_64"
},
"product_reference": "suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.7-7.30.7.x86_64",
"relates_to_product_reference": "SUSE Manager Server 5.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29371",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-29371"
}
],
"notes": [
{
"category": "general",
"text": "In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-attestation-image-5.0.7-6.34.5.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-image-5.0.7-7.37.12.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.7-7.30.7.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-attestation-image-5.0.7-6.34.5.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.7-6.30.7.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-image-5.0.7-7.37.12.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.7-7.30.7.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-attestation-image-5.0.7-6.34.5.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.7-6.30.7.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-image-5.0.7-7.37.12.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-migration-14-16-image-5.0.7-7.30.7.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-attestation-image-5.0.7-6.34.5.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-image-5.0.7-7.37.12.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.7-7.30.7.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-29371",
"url": "https://www.suse.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "SUSE Bug 1255298 for CVE-2024-29371",
"url": "https://bugzilla.suse.com/1255298"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-attestation-image-5.0.7-6.34.5.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-image-5.0.7-7.37.12.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.7-7.30.7.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-attestation-image-5.0.7-6.34.5.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.7-6.30.7.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-image-5.0.7-7.37.12.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.7-7.30.7.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-attestation-image-5.0.7-6.34.5.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.7-6.30.7.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-image-5.0.7-7.37.12.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-migration-14-16-image-5.0.7-7.30.7.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-attestation-image-5.0.7-6.34.5.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-image-5.0.7-7.37.12.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.7-7.30.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Proxy 5.0:suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-httpd-image-5.0.7-7.30.13.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.7-7.32.15.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-squid-image-5.0.7-7.30.6.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-ssh-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.7-7.30.5.aarch64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.7-7.30.13.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.7-7.32.15.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-squid-image-5.0.7-7.30.6.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.7-7.30.5.ppc64le",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-httpd-image-5.0.7-7.30.13.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.7-7.32.15.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-squid-image-5.0.7-7.30.6.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-ssh-image-5.0.7-7.30.5.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-s390x-proxy-tftpd-image-5.0.7-7.30.5.s390x",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-httpd-image-5.0.7-7.30.13.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.7-7.32.15.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-squid-image-5.0.7-7.30.6.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-ssh-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Retail Branch Server Extension 5.0:suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.7-7.30.5.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-attestation-image-5.0.7-6.34.5.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-image-5.0.7-7.37.12.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.7-7.30.7.aarch64",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-attestation-image-5.0.7-6.34.5.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.7-6.30.7.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-image-5.0.7-7.37.12.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.7-7.30.7.ppc64le",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-attestation-image-5.0.7-6.34.5.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.7-6.30.7.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-image-5.0.7-7.37.12.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-s390x-server-migration-14-16-image-5.0.7-7.30.7.s390x",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-attestation-image-5.0.7-6.34.5.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.7-6.30.7.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-image-5.0.7-7.37.12.x86_64",
"SUSE Manager Server 5.0:suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.7-7.30.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:10:02Z",
"details": "important"
}
],
"title": "CVE-2024-29371"
}
]
}
GHSA-3677-XXCR-WJQV
Vulnerability from github – Published: 2025-12-17 18:31 – Updated: 2026-01-06 19:46
VLAI?
Summary
jose4j is vulnerable to DoS via compressed JWE content
Details
In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression.
Severity ?
7.5 (High)
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.bitbucket.b_c:jose4j"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.9.6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-29371"
],
"database_specific": {
"cwe_ids": [
"CWE-1259"
],
"github_reviewed": true,
"github_reviewed_at": "2025-12-18T15:34:32Z",
"nvd_published_at": "2025-12-17T16:16:04Z",
"severity": "HIGH"
},
"details": "In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression.",
"id": "GHSA-3677-xxcr-wjqv",
"modified": "2026-01-06T19:46:21Z",
"published": "2025-12-17T18:31:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371"
},
{
"type": "WEB",
"url": "https://bitbucket.org/b_c/jose4j/commits/19a90a64c47bb07c4aa5462f1316d5c293d81fcf"
},
{
"type": "WEB",
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
},
{
"type": "PACKAGE",
"url": "https://bitbucket.org/b_c/jose4j/wiki/Home"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "jose4j is vulnerable to DoS via compressed JWE content"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…