CVE-2022-24823 - Vulnerability Details

Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact partial

Vendors	Products
Netapp	Active Iq Unified Manager Oncommand Workflow Automation Snapcenter
Netty	Netty
Oracle	Financial Services Crime And Compliance Management Studio
Redhat	Amq Broker Amq Streams Jboss Data Grid Jboss Enterprise Application Platform Jboss Fuse

Configuration 1 [-]

cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:::::::*
	cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:::::::*

Configuration 3 [-]

OR	cpe:2.3:a:netapp:active_iq_unified_manager:-:::::linux::
	cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows::
	cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
	cpe:2.3:a:netapp:snapcenter:-:::::::*

Package	CPE	Advisory	Released Date
AMQ Broker 7.10.1
netty	cpe:/a:redhat:amq_broker:7	RHSA-2022:6916	2022-10-12T00:00:00Z
Red Hat AMQ Streams 2.2.0
netty	cpe:/a:redhat:amq_streams:2	RHSA-2022:6819	2022-10-05T00:00:00Z
Red Hat AMQ Streams 2.4.0
	cpe:/a:redhat:amq_streams:2	RHSA-2023:3223	2023-05-18T00:00:00Z
Red Hat AMQ Streams 2.5.0
	cpe:/a:redhat:amq_streams:2	RHSA-2023:5165	2023-09-14T00:00:00Z
Red Hat Data Grid 8.4.0
netty	cpe:/a:redhat:jboss_data_grid:8	RHSA-2022:8524	2022-11-17T00:00:00Z
Red Hat Fuse 7.11.1
netty	cpe:/a:redhat:jboss_fuse:7	RHSA-2022:8652	2022-11-28T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7
netty	cpe:/a:redhat:jboss_enterprise_application_platform:7.4	RHSA-2022:5928	2022-08-08T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8
eap7-netty-0:4.1.77-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8	RHSA-2022:5893	2022-08-03T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9
eap7-0:1-18.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-aesh-extensions-0:1.8.0-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-aesh-readline-0:2.2.0-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-agroal-0:1.3.0-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-antlr-0:2.7.7-54.redhat_7.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-apache-commons-beanutils-0:1.9.4-1.redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-apache-commons-cli-0:1.4.0-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-apache-commons-codec-0:1.15.0-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-apache-commons-collections-0:3.2.2-9.redhat_2.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-apache-commons-io-0:2.10.0-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-apache-commons-lang-0:3.11.0-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-apache-commons-lang2-0:2.6.0-1.redhat_7.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-apache-cxf-0:3.3.13-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-apache-cxf-xjc-utils-0:3.3.1-1.1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-apache-mime4j-0:0.6.0-4.1.redhat_7.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-apache-sshd-0:2.7.0-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-artemis-native-1:1.0.2-3.redhat_1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-artemis-wildfly-integration-0:1.0.4-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-atinject-0:1.0.3-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-avro-0:1.7.6-7.1.redhat_2.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-azure-storage-0:8.6.6-1.1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-bouncycastle-0:1.68.0-2.redhat_00005.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-byte-buddy-0:1.11.12-2.redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-caffeine-0:2.8.8-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-cal10n-0:0.8.1-6.redhat_1.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-codehaus-jackson-0:1.9.13-10.redhat_00007.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-commons-logging-jboss-logging-0:1.0.0-1.Final_redhat_1.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-cryptacular-0:1.2.4-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-dom4j-0:2.1.3-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-ecj-1:3.26.0-1.redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-eclipse-jgit-0:5.13.0.202109080827-1.r_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-elytron-web-0:1.9.2-2.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-glassfish-concurrent-0:1.1.1-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-glassfish-fastinfoset-0:1.2.13-11.1.redhat_1.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-glassfish-jaf-0:1.2.2-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-glassfish-javamail-0:1.6.5-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-glassfish-jaxb-0:2.3.3-4.1.b02_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-glassfish-jsf-0:2.3.14-4.SP05_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-glassfish-json-0:1.1.6-2.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-gnu-getopt-0:1.0.13-6.redhat_5.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-gson-0:2.8.9-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-guava-libraries-0:30.1.0-1.1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-h2database-0:1.4.197-2.redhat_00004.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-hal-console-0:3.3.13-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-hibernate-0:5.3.27-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-hibernate-beanvalidation-api-0:2.0.2-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-hibernate-commons-annotations-0:5.0.5-1.1.Final_redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-hibernate-search-0:5.10.7-1.1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-hornetq-0:2.4.8-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-httpcomponents-asyncclient-0:4.1.4-1.1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-httpcomponents-client-0:4.5.13-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-httpcomponents-core-0:4.4.14-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-ironjacamar-0:1.5.3-2.SP1_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jackson-coreutils-0:1.8.0-1.redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jackson-databind-0:2.12.6.1-2.redhat_00004.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jakarta-security-enterprise-api-0:1.0.2-3.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jandex-0:2.4.2-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jansi-0:1.18.0-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jasypt-0:1.9.3-1.redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-java-classmate-0:1.5.1-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-javaee-jpa-spec-0:2.2.3-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-javaee-security-soteria-0:1.0.1-3.redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-javaewah-0:1.1.7-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-javapackages-tools-0:3.4.1-5.15.6.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-javassist-0:3.27.0-2.GA_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jaxbintros-0:1.0.3-1.GA_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jaxen-0:1.1.6-14.redhat_2.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jberet-0:1.3.9-2.SP2_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-aesh-0:2.4.0-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-annotations-api_1.3_spec-0:2.0.1-2.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-batch-api_1.0_spec-0:2.0.0-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-classfilewriter-0:1.2.5-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-common-beans-0:2.0.1-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-concurrency-api_1.0_spec-0:2.0.0-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-connector-api_1.7_spec-0:2.0.0-2.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-dmr-0:1.5.1-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-ejb3-ext-api-0:2.3.0-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-ejb-api_3.2_spec-0:2.0.0-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-ejb-client-0:4.0.44-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-el-api_3.0_spec-0:2.0.0-2.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-genericjms-0:2.0.9-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-iiop-client-0:1.0.1-3.Final_redhat_1.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-interceptors-api_1.2_spec-0:2.0.0-3.Final_redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-invocation-0:1.6.3-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-j2eemgmt-api_1.1_spec-0:2.0.0-2.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-jacc-api_1.5_spec-0:2.0.0-2.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-jaspi-api_1.1_spec-0:2.0.1-2.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-jaxb-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-jaxrpc-api_1.1_spec-0:2.0.0-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-jaxrs-api_2.1_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-jaxws-api_2.3_spec-0:2.0.0-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-jms-api_2.0_spec-0:2.0.0-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-jsf-api_2.3_spec-0:3.0.0-5.SP06_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-jsp-api_2.3_spec-0:2.0.0-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-logging-0:3.4.1-2.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-marshalling-0:2.0.12-1.1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-metadata-0:13.0.0-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-modules-0:1.12.0-2.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-msc-0:1.4.12-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-openjdk-orb-0:8.1.4-3.Final_redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-remoting-0:5.0.25-1.SP1_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-remoting-jmx-0:3.0.4-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-saaj-api_1.3_spec-0:1.0.6-1.Final_redhat_1.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-saaj-api_1.4_spec-0:1.0.2-1.Final_redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-seam-int-0:7.0.0-6.GA_redhat_2.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-security-negotiation-0:3.0.6-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-security-xacml-0:2.0.8-17.Final_redhat_8.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-server-migration-0:1.10.0-18.Final_redhat_00017.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-servlet-api_4.0_spec-0:2.0.0-2.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-stdio-0:1.1.0-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-threads-0:2.4.0-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-transaction-api_1.3_spec-0:2.0.0-4.Final_redhat_00005.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-transaction-spi-0:7.6.0-2.Final_redhat_1.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-websocket-api_1.1_spec-0:2.0.0-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-weld-3.1-api-0:3.1.0-6.SP3_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jbossws-api-0:1.1.2-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jbossws-common-0:3.3.3-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jbossws-common-tools-0:1.3.2-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jbossws-jaxws-undertow-httpspi-0:1.0.1-3.Final_redhat_1.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jbossws-spi-0:3.3.1-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jcip-annotations-0:1.0.0-5.redhat_8.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jctools-0:2.1.2-1.redhat_00003.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jettison-0:1.4.0-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jgroups-0:4.2.15-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jgroups-azure-0:1.3.1-1.1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jgroups-kubernetes-0:1.0.16-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-joda-time-0:2.9.7-2.redhat_1.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jsonb-spec-0:1.0.2-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-json-patch-0:1.9.0-1.redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jsoup-0:1.14.2-1.redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-jul-to-slf4j-stub-0:1.0.1-7.Final_redhat_3.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-log4j-0:2.17.1-2.redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-log4j2-jboss-logmanager-0:1.0.0-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-log4j-jboss-logmanager-0:1.2.2-1.Final_redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-lucene-solr-0:5.5.5-3.redhat_2.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-mod_cluster-0:1.4.4-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-mustache-java-0:0.9.6-1.1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-neethi-0:3.1.1-1.1.redhat_1.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-netty-0:4.1.77-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-netty-tcnative-0:2.0.52-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-netty-transport-native-epoll-0:4.1.77-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-netty-xnio-transport-0:0.1.9-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-opensaml-0:3.3.1-1.1.redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-picketbox-0:5.0.3-10.Final_redhat_00009.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-picketbox-commons-0:1.0.0-4.final_redhat_5.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-picketlink-bindings-0:2.5.5-26.SP12_redhat_00014.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-picketlink-federation-0:2.5.5-21.SP12_redhat_00011.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-protostream-0:4.3.5-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-reactive-streams-0:1.0.3-2.redhat_00003.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-reactivex-rxjava-0:3.0.9-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-reactivex-rxjava2-0:2.2.20-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-resteasy-0:3.15.3-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-shibboleth-java-support-0:7.3.0-1.1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-slf4j-0:1.7.22-4.1.redhat_2.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-slf4j-jboss-logmanager-0:1.1.0-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-stax2-api-0:4.2.1-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-stax-ex-0:1.8.3-2.redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-staxmapper-0:1.3.0-2.Final_redhat_1.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-sun-istack-commons-0:3.0.10-1.1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-sun-saaj-1.3-impl-0:1.3.16-18.SP1_redhat_6.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-sun-saaj-1.4-impl-0:1.4.1-1.SP1_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-sun-ws-metadata-2.0-api-0:1.0.0-7.MR1_redhat_8.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-tomcat-taglibs-standard-0:1.2.6-2.1.RC1_redhat_1.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-undertow-0:2.2.18-2.SP2_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-undertow-jastow-0:2.0.9-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-undertow-js-0:1.0.2-2.Final_redhat_1.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-vdx-0:1.1.6-2.redhat_1.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-velocity-0:2.3.0-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-weld-cdi-2.0-api-0:2.0.2-2.redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-weld-core-0:3.1.6-1.1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-wildfly-0:7.4.6-5.GA_redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-wildfly-client-config-0:1.0.1-2.1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-wildfly-common-0:1.5.4-1.1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-wildfly-discovery-0:1.2.1-1.1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-wildfly-elytron-0:1.15.13-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-wildfly-http-client-0:1.1.12-1.SP1_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-wildfly-naming-client-0:1.0.14-1.1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-wildfly-openssl-0:2.2.3-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-wildfly-openssl-el9-x86_64-0:2.2.2-1.Final_redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-woodstox-core-0:6.0.3-1.1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-wsdl4j-0:1.6.3-13.redhat_2.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-wss4j-0:2.2.7-1.1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-xalan-j2-0:2.7.1-36.redhat_00013.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-xml-commons-resolver-0:1.2.0-7.redhat_12.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-xml-security-0:2.1.7-1.1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-xom-0:1.3.7-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
eap7-yasson-0:1.0.10-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2022:5894	2022-08-03T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7
eap7-netty-0:4.1.77-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7	RHSA-2022:5892	2022-08-03T00:00:00Z

References

Link	Providers
https://github.com/netty/netty/commit/185f8b2756a36aaa4f973f1a2a025e7d981823f1
https://github.com/netty/netty/security/advisories/GHSA-269q-hmxg-m83q
https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2
https://nvd.nist.gov/vuln/detail/CVE-2022-24823
https://security.netapp.com/advisory/ntap-20220616-0004/
https://www.cve.org/CVERecord?id=CVE-2022-24823
https://www.oracle.com/security-alerts/cpujul2022.html

History

Tue, 22 Apr 2025 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-05-06T12:05:11.000Z

Updated: 2025-04-22T18:01:57.607Z

Reserved: 2022-02-10T00:00:00.000Z

Link: CVE-2022-24823

Vulnrichment

Updated: 2024-08-03T04:20:50.545Z

NVD

Status : Modified

Published: 2022-05-06T12:15:08.163

Modified: 2024-11-21T06:51:10.620

Link: CVE-2022-24823

Redhat

Severity : Moderate

Publid Date: 2022-05-06T00:00:00Z

Links: CVE-2022-24823 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "netty", "vendor": "netty", "versions": [{"status": "affected", "version": "<= 4.1.76.Final"}]}], "descriptions": [{"lang": "en", "value": "Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-668", "description": "CWE-668: Exposure of Resource to Wrong Sphere", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-378", "description": "CWE-378: Creation of Temporary File With Insecure Permissions", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-379", "description": "CWE-379: Creation of Temporary File in Directory with Insecure Permissions", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-07-25T16:52:21.000Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/netty/netty/security/advisories/GHSA-269q-hmxg-m83q"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/netty/netty/commit/185f8b2756a36aaa4f973f1a2a025e7d981823f1"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpujul2022.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20220616-0004/"}], "source": {"advisory": "GHSA-269q-hmxg-m83q", "discovery": "UNKNOWN"}, "title": "Local Information Disclosure Vulnerability in io.netty:netty-codec-http", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-24823", "STATE": "PUBLIC", "TITLE": "Local Information Disclosure Vulnerability in io.netty:netty-codec-http"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "netty", "version": {"version_data": [{"version_value": "<= 4.1.76.Final"}]}}]}, "vendor_name": "netty"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-668: Exposure of Resource to Wrong Sphere"}]}, {"description": [{"lang": "eng", "value": "CWE-378: Creation of Temporary File With Insecure Permissions"}]}, {"description": [{"lang": "eng", "value": "CWE-379: Creation of Temporary File in Directory with Insecure Permissions"}]}]}, "references": {"reference_data": [{"name": "https://github.com/netty/netty/security/advisories/GHSA-269q-hmxg-m83q", "refsource": "CONFIRM", "url": "https://github.com/netty/netty/security/advisories/GHSA-269q-hmxg-m83q"}, {"name": "https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2", "refsource": "MISC", "url": "https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2"}, {"name": "https://github.com/netty/netty/commit/185f8b2756a36aaa4f973f1a2a025e7d981823f1", "refsource": "MISC", "url": "https://github.com/netty/netty/commit/185f8b2756a36aaa4f973f1a2a025e7d981823f1"}, {"name": "https://www.oracle.com/security-alerts/cpujul2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2022.html"}, {"name": "https://security.netapp.com/advisory/ntap-20220616-0004/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220616-0004/"}]}, "source": {"advisory": "GHSA-269q-hmxg-m83q", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:20:50.545Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/netty/netty/security/advisories/GHSA-269q-hmxg-m83q"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/netty/netty/commit/185f8b2756a36aaa4f973f1a2a025e7d981823f1"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpujul2022.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20220616-0004/"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-22T15:48:11.887598Z", "id": "CVE-2022-24823", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-22T18:01:57.607Z"}}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-24823", "datePublished": "2022-05-06T12:05:11.000Z", "dateReserved": "2022-02-10T00:00:00.000Z", "dateUpdated": "2025-04-22T18:01:57.607Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/netty/netty/security/advisories/GHSA-269q-hmxg-m83q", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/netty/netty/commit/185f8b2756a36aaa4f973f1a2a025e7d981823f1", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://www.oracle.com/security-alerts/cpujul2022.html", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20220616-0004/", "tags": ["x_refsource_CONFIRM", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:20:50.545Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-24823", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-22T15:48:11.887598Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-22T15:48:13.381Z"}}], "cna": {"title": "Local Information Disclosure Vulnerability in io.netty:netty-codec-http", "source": {"advisory": "GHSA-269q-hmxg-m83q", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "netty", "product": "netty", "versions": [{"status": "affected", "version": "<= 4.1.76.Final"}]}], "references": [{"url": "https://github.com/netty/netty/security/advisories/GHSA-269q-hmxg-m83q", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/netty/netty/commit/185f8b2756a36aaa4f973f1a2a025e7d981823f1", "tags": ["x_refsource_MISC"]}, {"url": "https://www.oracle.com/security-alerts/cpujul2022.html", "tags": ["x_refsource_MISC"]}, {"url": "https://security.netapp.com/advisory/ntap-20220616-0004/", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-668", "description": "CWE-668: Exposure of Resource to Wrong Sphere"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-378", "description": "CWE-378: Creation of Temporary File With Insecure Permissions"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-379", "description": "CWE-379: Creation of Temporary File in Directory with Insecure Permissions"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2022-07-25T16:52:21.000Z"}, "x_legacyV4Record": {"impact": {"cvss": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, "source": {"advisory": "GHSA-269q-hmxg-m83q", "discovery": "UNKNOWN"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "<= 4.1.76.Final"}]}, "product_name": "netty"}]}, "vendor_name": "netty"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/netty/netty/security/advisories/GHSA-269q-hmxg-m83q", "name": "https://github.com/netty/netty/security/advisories/GHSA-269q-hmxg-m83q", "refsource": "CONFIRM"}, {"url": "https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2", "name": "https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2", "refsource": "MISC"}, {"url": "https://github.com/netty/netty/commit/185f8b2756a36aaa4f973f1a2a025e7d981823f1", "name": "https://github.com/netty/netty/commit/185f8b2756a36aaa4f973f1a2a025e7d981823f1", "refsource": "MISC"}, {"url": "https://www.oracle.com/security-alerts/cpujul2022.html", "name": "https://www.oracle.com/security-alerts/cpujul2022.html", "refsource": "MISC"}, {"url": "https://security.netapp.com/advisory/ntap-20220616-0004/", "name": "https://security.netapp.com/advisory/ntap-20220616-0004/", "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-668: Exposure of Resource to Wrong Sphere"}]}, {"description": [{"lang": "eng", "value": "CWE-378: Creation of Temporary File With Insecure Permissions"}]}, {"description": [{"lang": "eng", "value": "CWE-379: Creation of Temporary File in Directory with Insecure Permissions"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-24823", "STATE": "PUBLIC", "TITLE": "Local Information Disclosure Vulnerability in io.netty:netty-codec-http", "ASSIGNER": "security-advisories@github.com"}}}}, "cveMetadata": {"cveId": "CVE-2022-24823", "state": "PUBLISHED", "dateUpdated": "2025-04-22T18:01:57.607Z", "dateReserved": "2022-02-10T00:00:00.000Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2022-05-06T12:05:11.000Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*", "matchCriteriaId": "C18E3C55-A603-42B2-AA47-9DC973753630", "versionEndExcluding": "4.1.77", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "55F091C7-0869-4FD6-AC73-DA697D990304", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "4D134C60-F9E2-46C2-8466-DB90AD98439E", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*", "matchCriteriaId": "F3E0B672-3E06-4422-B2A4-0BD073AEC2A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", "matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", "matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", "matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user."}, {"lang": "es", "value": "Netty es un framework de aplicaciones de red as\u00edncronas de c\u00f3digo abierto. El paquete \"io.netty:netty-codec-http\" versiones anteriores a 4.1.77.Final contiene una correcci\u00f3n insuficiente para CVE-2021-21290. Cuando son usados los descodificadores multiparte de Netty, puede producirse una divulgaci\u00f3n de informaci\u00f3n local por medio del directorio temporal del sistema local si es habilitado el almacenamiento temporal de cargas en el disco. Esto s\u00f3lo afecta a las aplicaciones que son ejecutadas en la versi\u00f3n 6 de Java e inferior. Adem\u00e1s, esta vulnerabilidad afecta al c\u00f3digo que es ejecutado en sistemas tipo Unix, y a versiones muy antiguas de Mac OSX y Windows, ya que todos ellos comparten el directorio temporal del sistema entre todos los usuarios. La versi\u00f3n 4.1.77.Final contiene un parche para esta vulnerabilidad. Como mitigaci\u00f3n, especifique su propio \"java.io.tmpdir\" cuando inicie la JVM o use DefaultHttpDataFactory.setBaseDir(...) para establecer el directorio en algo que s\u00f3lo pueda leer el usuario actual"}], "id": "CVE-2022-24823", "lastModified": "2024-11-21T06:51:10.620", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-05-06T12:15:08.163", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/netty/netty/commit/185f8b2756a36aaa4f973f1a2a025e7d981823f1"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://github.com/netty/netty/security/advisories/GHSA-269q-hmxg-m83q"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20220616-0004/"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujul2022.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/netty/netty/commit/185f8b2756a36aaa4f973f1a2a025e7d981823f1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://github.com/netty/netty/security/advisories/GHSA-269q-hmxg-m83q"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20220616-0004/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujul2022.html"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-378"}, {"lang": "en", "value": "CWE-379"}, {"lang": "en", "value": "CWE-668"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-668"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2022:6916", "cpe": "cpe:/a:redhat:amq_broker:7", "impact": "low", "package": "netty", "product_name": "AMQ Broker 7.10.1", "release_date": "2022-10-12T00:00:00Z"}, {"advisory": "RHSA-2022:6819", "cpe": "cpe:/a:redhat:amq_streams:2", "impact": "low", "package": "netty", "product_name": "Red Hat AMQ Streams 2.2.0", "release_date": "2022-10-05T00:00:00Z"}, {"advisory": "RHSA-2023:3223", "cpe": "cpe:/a:redhat:amq_streams:2", "product_name": "Red Hat AMQ Streams 2.4.0", "release_date": "2023-05-18T00:00:00Z"}, {"advisory": "RHSA-2023:5165", "cpe": "cpe:/a:redhat:amq_streams:2", "product_name": "Red Hat AMQ Streams 2.5.0", "release_date": "2023-09-14T00:00:00Z"}, {"advisory": "RHSA-2022:8524", "cpe": "cpe:/a:redhat:jboss_data_grid:8", "package": "netty", "product_name": "Red Hat Data Grid 8.4.0", "release_date": "2022-11-17T00:00:00Z"}, {"advisory": "RHSA-2022:8652", "cpe": "cpe:/a:redhat:jboss_fuse:7", "package": "netty", "product_name": "Red Hat Fuse 7.11.1", "release_date": "2022-11-28T00:00:00Z"}, {"advisory": "RHSA-2022:5928", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4", "package": "netty", "product_name": "Red Hat JBoss Enterprise Application Platform 7", "release_date": "2022-08-08T00:00:00Z"}, {"advisory": "RHSA-2022:5893", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-netty-0:4.1.77-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-0:1-18.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-activemq-artemis-0:2.16.0-9.redhat_00042.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-aesh-extensions-0:1.8.0-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-aesh-readline-0:2.2.0-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-agroal-0:1.3.0-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-antlr-0:2.7.7-54.redhat_7.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-apache-commons-beanutils-0:1.9.4-1.redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-apache-commons-cli-0:1.4.0-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-apache-commons-codec-0:1.15.0-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-apache-commons-collections-0:3.2.2-9.redhat_2.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-apache-commons-io-0:2.10.0-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-apache-commons-lang-0:3.11.0-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-apache-commons-lang2-0:2.6.0-1.redhat_7.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-apache-cxf-0:3.3.13-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-apache-cxf-xjc-utils-0:3.3.1-1.1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-apache-mime4j-0:0.6.0-4.1.redhat_7.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-apache-sshd-0:2.7.0-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-artemis-native-1:1.0.2-3.redhat_1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-artemis-wildfly-integration-0:1.0.4-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-atinject-0:1.0.3-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-avro-0:1.7.6-7.1.redhat_2.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-azure-storage-0:8.6.6-1.1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-bouncycastle-0:1.68.0-2.redhat_00005.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-byte-buddy-0:1.11.12-2.redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-caffeine-0:2.8.8-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-cal10n-0:0.8.1-6.redhat_1.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-codehaus-jackson-0:1.9.13-10.redhat_00007.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-commons-logging-jboss-logging-0:1.0.0-1.Final_redhat_1.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-cryptacular-0:1.2.4-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-eclipse-jgit-0:5.13.0.202109080827-1.r_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-elytron-web-0:1.9.2-2.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-glassfish-concurrent-0:1.1.1-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-glassfish-fastinfoset-0:1.2.13-11.1.redhat_1.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-glassfish-jaf-0:1.2.2-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-glassfish-javamail-0:1.6.5-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-glassfish-jaxb-0:2.3.3-4.1.b02_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-glassfish-jsf-0:2.3.14-4.SP05_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-glassfish-json-0:1.1.6-2.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-gnu-getopt-0:1.0.13-6.redhat_5.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-gson-0:2.8.9-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-guava-libraries-0:30.1.0-1.1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-h2database-0:1.4.197-2.redhat_00004.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-hal-console-0:3.3.13-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-hibernate-0:5.3.27-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-hibernate-beanvalidation-api-0:2.0.2-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-hibernate-commons-annotations-0:5.0.5-1.1.Final_redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-hibernate-search-0:5.10.7-1.1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-hibernate-validator-0:6.0.23-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-hornetq-0:2.4.8-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-httpcomponents-asyncclient-0:4.1.4-1.1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-httpcomponents-client-0:4.5.13-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-httpcomponents-core-0:4.4.14-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-ironjacamar-0:1.5.3-2.SP1_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jackson-annotations-0:2.12.6-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jackson-core-0:2.12.6-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jackson-coreutils-0:1.8.0-1.redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jackson-databind-0:2.12.6.1-2.redhat_00004.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jackson-jaxrs-providers-0:2.12.6-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jackson-modules-base-0:2.12.6-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jackson-modules-java8-0:2.12.6-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jakarta-security-enterprise-api-0:1.0.2-3.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jandex-0:2.4.2-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jansi-0:1.18.0-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-java-classmate-0:1.5.1-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-javaee-jpa-spec-0:2.2.3-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-javaewah-0:1.1.7-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-javapackages-tools-0:3.4.1-5.15.6.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-javassist-0:3.27.0-2.GA_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jaxbintros-0:1.0.3-1.GA_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jaxen-0:1.1.6-14.redhat_2.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jberet-0:1.3.9-2.SP2_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-aesh-0:2.4.0-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-2.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-batch-api_1.0_spec-0:2.0.0-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-classfilewriter-0:1.2.5-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-common-beans-0:2.0.1-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-concurrency-api_1.0_spec-0:2.0.0-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-connector-api_1.7_spec-0:2.0.0-2.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-dmr-0:1.5.1-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-ejb3-ext-api-0:2.3.0-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-ejb-api_3.2_spec-0:2.0.0-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-ejb-client-0:4.0.44-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-el-api_3.0_spec-0:2.0.0-2.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-genericjms-0:2.0.9-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-iiop-client-0:1.0.1-3.Final_redhat_1.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-interceptors-api_1.2_spec-0:2.0.0-3.Final_redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-invocation-0:1.6.3-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-j2eemgmt-api_1.1_spec-0:2.0.0-2.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-jacc-api_1.5_spec-0:2.0.0-2.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-jaspi-api_1.1_spec-0:2.0.1-2.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-jaxb-api_2.3_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-jaxrpc-api_1.1_spec-0:2.0.0-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-jaxrs-api_2.1_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-jaxws-api_2.3_spec-0:2.0.0-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-jms-api_2.0_spec-0:2.0.0-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-5.SP06_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-logging-0:3.4.1-2.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-marshalling-0:2.0.12-1.1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-metadata-0:13.0.0-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-modules-0:1.12.0-2.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-msc-0:1.4.12-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-openjdk-orb-0:8.1.4-3.Final_redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-remoting-0:5.0.25-1.SP1_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-remoting-jmx-0:3.0.4-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-saaj-api_1.3_spec-0:1.0.6-1.Final_redhat_1.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-saaj-api_1.4_spec-0:1.0.2-1.Final_redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-seam-int-0:7.0.0-6.GA_redhat_2.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-security-negotiation-0:3.0.6-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-security-xacml-0:2.0.8-17.Final_redhat_8.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-server-migration-0:1.10.0-18.Final_redhat_00017.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-servlet-api_4.0_spec-0:2.0.0-2.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-stdio-0:1.1.0-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-threads-0:2.4.0-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-transaction-api_1.3_spec-0:2.0.0-4.Final_redhat_00005.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-transaction-spi-0:7.6.0-2.Final_redhat_1.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-websocket-api_1.1_spec-0:2.0.0-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-weld-3.1-api-0:3.1.0-6.SP3_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jbossws-api-0:1.1.2-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jbossws-common-0:3.3.3-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jbossws-common-tools-0:1.3.2-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jbossws-jaxws-undertow-httpspi-0:1.0.1-3.Final_redhat_1.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jbossws-spi-0:3.3.1-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-xnio-base-0:3.8.7-1.SP1_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jcip-annotations-0:1.0.0-5.redhat_8.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jctools-0:2.1.2-1.redhat_00003.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jettison-0:1.4.0-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jgroups-0:4.2.15-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jgroups-azure-0:1.3.1-1.1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jgroups-kubernetes-0:1.0.16-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-joda-time-0:2.9.7-2.redhat_1.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jsonb-spec-0:1.0.2-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-json-patch-0:1.9.0-1.redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jsoup-0:1.14.2-1.redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jul-to-slf4j-stub-0:1.0.1-7.Final_redhat_3.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-log4j-0:2.17.1-2.redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-log4j2-jboss-logmanager-0:1.0.0-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-log4j-jboss-logmanager-0:1.2.2-1.Final_redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-lucene-solr-0:5.5.5-3.redhat_2.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-mod_cluster-0:1.4.4-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-mustache-java-0:0.9.6-1.1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-neethi-0:3.1.1-1.1.redhat_1.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-netty-0:4.1.77-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-netty-tcnative-0:2.0.52-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-netty-transport-native-epoll-0:4.1.77-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-netty-xnio-transport-0:0.1.9-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-opensaml-0:3.3.1-1.1.redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-picketbox-0:5.0.3-10.Final_redhat_00009.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-picketbox-commons-0:1.0.0-4.final_redhat_5.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-picketlink-bindings-0:2.5.5-26.SP12_redhat_00014.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-picketlink-federation-0:2.5.5-21.SP12_redhat_00011.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-protostream-0:4.3.5-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-reactive-streams-0:1.0.3-2.redhat_00003.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-reactivex-rxjava-0:3.0.9-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-reactivex-rxjava2-0:2.2.20-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-resteasy-0:3.15.3-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-shibboleth-java-support-0:7.3.0-1.1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-slf4j-0:1.7.22-4.1.redhat_2.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-slf4j-jboss-logmanager-0:1.1.0-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-snakeyaml-0:1.29.0-1.redhat_00001.2.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-stax2-api-0:4.2.1-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-stax-ex-0:1.8.3-2.redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-staxmapper-0:1.3.0-2.Final_redhat_1.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-sun-istack-commons-0:3.0.10-1.1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-sun-saaj-1.3-impl-0:1.3.16-18.SP1_redhat_6.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-sun-saaj-1.4-impl-0:1.4.1-1.SP1_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-sun-ws-metadata-2.0-api-0:1.0.0-7.MR1_redhat_8.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-tomcat-taglibs-standard-0:1.2.6-2.1.RC1_redhat_1.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-undertow-0:2.2.18-2.SP2_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-undertow-jastow-0:2.0.9-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-undertow-js-0:1.0.2-2.Final_redhat_1.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-vdx-0:1.1.6-2.redhat_1.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-velocity-0:2.3.0-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-weld-cdi-2.0-api-0:2.0.2-2.redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-weld-core-0:3.1.6-1.1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-wildfly-0:7.4.6-5.GA_redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-wildfly-client-config-0:1.0.1-2.1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-wildfly-common-0:1.5.4-1.1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-wildfly-discovery-0:1.2.1-1.1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-wildfly-elytron-0:1.15.13-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-wildfly-http-client-0:1.1.12-1.SP1_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-wildfly-naming-client-0:1.0.14-1.1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-wildfly-openssl-0:2.2.3-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-wildfly-openssl-el9-x86_64-0:2.2.2-1.Final_redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-wildfly-transaction-client-0:1.1.15-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-woodstox-core-0:6.0.3-1.1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-wsdl4j-0:1.6.3-13.redhat_2.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-wss4j-0:2.2.7-1.1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-xalan-j2-0:2.7.1-36.redhat_00013.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-xerces-j2-0:2.12.0-3.SP04_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-xml-commons-resolver-0:1.2.0-7.redhat_12.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-xml-security-0:2.1.7-1.1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-xom-0:1.3.7-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5894", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2022-08-03T00:00:00Z"}, {"advisory": "RHSA-2022:5892", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package": "eap7-netty-0:4.1.77-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date": "2022-08-03T00:00:00Z"}], "bugzilla": {"description": "netty: world readable temporary file containing sensitive data", "id": "2087186", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087186"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "status": "verified"}, "cwe": "(CWE-378|CWE-379)", "details": ["Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users. Version 4.1.77.Final contains a patch for this vulnerability. As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user.", "CVE-2021-21290 contains an incomplete fix, and this addresses the issue found in netty. When using multipart decoders in netty, local information disclosure can occur via the local system temporary directory if temporary storing of uploads on the disk is enabled."], "mitigation": {"lang": "en:us", "value": "As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user."}, "name": "CVE-2022-24823", "package_state": [{"cpe": "cpe:/a:redhat:a_mq_clients:2", "fix_state": "Not affected", "impact": "low", "package_name": "netty", "product_name": "A-MQ Clients 2"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Will not fix", "package_name": "openshift-logging/elasticsearch6-rhel8", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:amq_online:1", "fix_state": "Not affected", "impact": "low", "package_name": "netty", "product_name": "Red Hat A-MQ Online"}, {"cpe": "cpe:/a:redhat:quarkus:2", "fix_state": "Fix deferred", "impact": "low", "package_name": "netty", "product_name": "Red Hat build of Quarkus"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:7", "fix_state": "Will not fix", "package_name": "netty", "product_name": "Red Hat Decision Manager 7"}, {"cpe": "cpe:/a:redhat:jboss_amq:6", "fix_state": "Out of support scope", "package_name": "netty", "product_name": "Red Hat JBoss A-MQ 6"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Out of support scope", "package_name": "netty", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:5", "fix_state": "Out of support scope", "package_name": "netty", "product_name": "Red Hat JBoss Enterprise Application Platform 5"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6", "fix_state": "Out of support scope", "package_name": "netty", "product_name": "Red Hat JBoss Enterprise Application Platform 6"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Will not fix", "package_name": "netty", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:jboss_fuse:6", "fix_state": "Out of support scope", "package_name": "netty", "product_name": "Red Hat JBoss Fuse 6"}, {"cpe": "cpe:/a:redhat:jboss_operations_network:3", "fix_state": "Out of support scope", "package_name": "netty", "product_name": "Red Hat JBoss Operations Network 3"}, {"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0", "fix_state": "Not affected", "package_name": "netty", "product_name": "Red Hat OpenShift Application Runtimes"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Will not fix", "package_name": "openshift3/ose-logging-elasticsearch5", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-logging-elasticsearch5", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-logging-elasticsearch6", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-metering-hadoop", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-metering-hive", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-metering-presto", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", "fix_state": "Will not fix", "package_name": "netty", "product_name": "Red Hat Process Automation 7"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "candlepin", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7", "fix_state": "Will not fix", "package_name": "netty", "product_name": "Red Hat Single Sign-On 7"}], "public_date": "2022-05-06T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-24823\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-24823"], "statement": "This issue only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users.\nRed Hat Satellite 6 is not affected as is using netty 3.6.7 version which is not impacted by this vulnerability.\nRed Hat Fuse 7 is now in Maintenance Support Phase and should be fixed soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.", "threat_severity": "Moderate"}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Exploitation poc

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object