CVE-2024-51127 - Vulnerability Details

An issue in the createTempFile method of hornetq v2.4.9 allows attackers to arbitrarily overwrite files or access sensitive information.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Redhat	Hornetq Jboss Enterprise Application Platform

Configuration 1 [-]

cpe:2.3:a:redhat:hornetq:*:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat JBoss Enterprise Application Platform 7
	cpe:/a:redhat:jboss_enterprise_application_platform:7.4	RHSA-2024:11531	2024-12-19T00:00:00Z
org.hornetq/hornetq-core-client	cpe:/a:redhat:jboss_enterprise_application_platform:7.4	RHSA-2025:1635	2025-02-18T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8
eap7-hornetq-0:2.4.11-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8	RHSA-2024:11529	2024-12-19T00:00:00Z
eap7-hal-console-0:3.3.25-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8	RHSA-2025:1637	2025-02-18T00:00:00Z
eap7-hibernate-0:5.3.37-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8	RHSA-2025:1637	2025-02-18T00:00:00Z
eap7-jbossws-common-0:3.4.0-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8	RHSA-2025:1637	2025-02-18T00:00:00Z
eap7-jbossws-cxf-0:5.4.14-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8	RHSA-2025:1637	2025-02-18T00:00:00Z
eap7-opensaml-0:3.4.6-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8	RHSA-2025:1637	2025-02-18T00:00:00Z
eap7-wildfly-0:7.4.21-2.GA_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8	RHSA-2025:1637	2025-02-18T00:00:00Z
eap7-xml-security-0:2.3.5-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8	RHSA-2025:1637	2025-02-18T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9
eap7-hornetq-0:2.4.11-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2024:11529	2024-12-19T00:00:00Z
eap7-hal-console-0:3.3.25-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2025:1638	2025-02-18T00:00:00Z
eap7-hibernate-0:5.3.37-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2025:1638	2025-02-18T00:00:00Z
eap7-jbossws-common-0:3.4.0-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2025:1638	2025-02-18T00:00:00Z
eap7-jbossws-cxf-0:5.4.14-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2025:1638	2025-02-18T00:00:00Z
eap7-opensaml-0:3.4.6-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2025:1638	2025-02-18T00:00:00Z
eap7-wildfly-0:7.4.21-2.GA_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2025:1638	2025-02-18T00:00:00Z
eap7-xml-security-0:2.3.5-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2025:1638	2025-02-18T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7
eap7-hornetq-0:2.4.11-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7	RHSA-2024:11529	2024-12-19T00:00:00Z
eap7-hal-console-0:3.3.25-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7	RHSA-2025:1636	2025-02-18T00:00:00Z
eap7-hibernate-0:5.3.37-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7	RHSA-2025:1636	2025-02-18T00:00:00Z
eap7-jbossws-common-0:3.4.0-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7	RHSA-2025:1636	2025-02-18T00:00:00Z
eap7-jbossws-cxf-0:5.4.14-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7	RHSA-2025:1636	2025-02-18T00:00:00Z
eap7-opensaml-0:3.4.6-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7	RHSA-2025:1636	2025-02-18T00:00:00Z
eap7-wildfly-0:7.4.21-2.GA_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7	RHSA-2025:1636	2025-02-18T00:00:00Z
eap7-xml-security-0:2.3.5-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7	RHSA-2025:1636	2025-02-18T00:00:00Z
Red Hat JBoss Enterprise Application Platform 8
org.hornetq/hornetq-core-client	cpe:/a:redhat:jboss_enterprise_application_platform:8.0	RHSA-2024:11570	2024-12-19T00:00:00Z
org.jboss.eap-jboss-eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0	RHSA-2024:11570	2024-12-19T00:00:00Z
org.hornetq/hornetq-core-client	cpe:/a:redhat:jboss_enterprise_application_platform:8.0	RHSA-2025:0372	2025-01-16T00:00:00Z
org.jboss.eap-jboss-eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0	RHSA-2025:0372	2025-01-16T00:00:00Z
org.jboss.ws.cxf-jbossws-cxf	cpe:/a:redhat:jboss_enterprise_application_platform:8.0	RHSA-2025:0372	2025-01-16T00:00:00Z
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8
eap8-activemq-artemis-0:2.33.0-2.redhat_00016.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-angus-activation-0:2.0.2-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-apache-commons-lang-0:3.14.0-3.redhat_00007.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-atinject-0:2.0.1-3.redhat_00006.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-azure-storage-0:8.6.6-4.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-commons-logging-jboss-logging-0:1.0.0-2.Final_redhat_1.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-eap-product-conf-parent-0:800.5.0-1.GA_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-ecj-1:3.31.0-2.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-expressly-0:5.0.0-5.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-hal-console-0:3.6.20-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-hibernate-0:6.2.32-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-hornetq-0:2.4.10-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-jakarta-activation-0:2.1.3-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-jakarta-xml-bind-api-0:4.0.2-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-jansi-0:1.18.0-2.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-javaee-security-soteria-0:3.0.0-3.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-jboss-ejb-client-0:5.0.8-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-jboss-marshalling-0:2.1.6-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-jboss-remoting-0:5.0.30-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-jboss-weld-api-0:5.0.0-4.SP3_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-jbossws-cxf-0:7.3.0-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-jctools-0:4.0.5-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-jsonb-spec-0:3.0.1-1.redhat_00002.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-narayana-0:6.0.4-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-netty-0:4.1.114-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-netty-transport-native-epoll-0:4.1.114-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-parsson-0:1.1.7-1.redhat_00002.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-resteasy-0:6.2.11-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-undertow-0:2.3.18-1.SP1_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-undertow-jastow-0:2.2.8-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-vdx-0:1.1.6-3.redhat_1.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-wildfly-0:8.0.5-3.GA_redhat_00002.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-wildfly-elytron-0:2.2.7-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-wildfly-elytron-ee-0:3.0.3-2.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-yasson-0:3.0.4-1.redhat_00002.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:11559	2024-12-19T00:00:00Z
eap8-eap-product-conf-parent-0:800.5.1-1.GA_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2025:0371	2025-01-16T00:00:00Z
eap8-hornetq-0:2.4.11-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2025:0371	2025-01-16T00:00:00Z
eap8-jgroups-1:5.2.23-2.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2025:0371	2025-01-16T00:00:00Z
eap8-wildfly-0:8.0.5-5.GA_redhat_00004.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2025:0371	2025-01-16T00:00:00Z
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9
eap8-activemq-artemis-0:2.33.0-2.redhat_00016.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-angus-activation-0:2.0.2-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-apache-commons-lang-0:3.14.0-3.redhat_00007.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-atinject-0:2.0.1-3.redhat_00006.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-azure-storage-0:8.6.6-4.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-commons-logging-jboss-logging-0:1.0.0-2.Final_redhat_1.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-eap-product-conf-parent-0:800.5.0-1.GA_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-ecj-1:3.31.0-2.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-expressly-0:5.0.0-5.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-hal-console-0:3.6.20-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-hibernate-0:6.2.32-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-hornetq-0:2.4.10-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-jakarta-activation-0:2.1.3-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-jakarta-xml-bind-api-0:4.0.2-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-jansi-0:1.18.0-2.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-javaee-security-soteria-0:3.0.0-3.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-jboss-ejb-client-0:5.0.8-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-jboss-marshalling-0:2.1.6-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-jboss-remoting-0:5.0.30-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-jboss-weld-api-0:5.0.0-4.SP3_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-jbossws-cxf-0:7.3.0-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-jctools-0:4.0.5-1.redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-jsonb-spec-0:3.0.1-1.redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-narayana-0:6.0.4-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-netty-0:4.1.114-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-netty-transport-native-epoll-0:4.1.114-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-parsson-0:1.1.7-1.redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-resteasy-0:6.2.11-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-undertow-0:2.3.18-1.SP1_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-undertow-jastow-0:2.2.8-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-vdx-0:1.1.6-3.redhat_1.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-wildfly-0:8.0.5-3.GA_redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-wildfly-elytron-0:2.2.7-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-wildfly-elytron-ee-0:3.0.3-2.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-yasson-0:3.0.4-1.redhat_00002.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:11560	2024-12-19T00:00:00Z
eap8-eap-product-conf-parent-0:800.5.1-1.GA_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2025:0371	2025-01-16T00:00:00Z
eap8-hornetq-0:2.4.11-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2025:0371	2025-01-16T00:00:00Z
eap8-jgroups-1:5.2.23-2.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2025:0371	2025-01-16T00:00:00Z
eap8-wildfly-0:8.0.5-5.GA_redhat_00004.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2025:0371	2025-01-16T00:00:00Z

References

Link	Providers
http://hornetq.com
https://github.com/JAckLosingHeart/CWE-378/blob/main/CVE-2024-51127.md
https://nvd.nist.gov/vuln/detail/CVE-2024-51127
https://www.cve.org/CVERecord?id=CVE-2024-51127

History

Fri, 20 Dec 2024 02:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat jboss Enterprise Application Platform
CPEs		cpe:/a:redhat:jboss_enterprise_application_platform:7.4 cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7 cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8 cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9 cpe:/a:redhat:jboss_enterprise_application_platform:8.0 cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9
Vendors & Products		Redhat jboss Enterprise Application Platform

Fri, 29 Nov 2024 02:15:00 +0000

Type	Values Removed	Values Added
Title		hornetq-core-client: Arbitrarily overwrite files or access sensitive information
References		https://nvd.nist.gov/vuln/detail/CVE-2024-51127 https://www.cve.org/CVERecord?id=CVE-2024-51127
Metrics	threat_severity `None`	threat_severity `Important`

Fri, 22 Nov 2024 12:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-22

Wed, 06 Nov 2024 19:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat hornetq
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:a:redhat:hornetq::::::::
Vendors & Products		Redhat Redhat hornetq
Metrics		cvssV3_1 `{'score': 7.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N'}`

Mon, 04 Nov 2024 17:30:00 +0000

Type	Values Removed	Values Added
Description		An issue in the createTempFile method of hornetq v2.4.9 allows attackers to arbitrarily overwrite files or access sensitive information.
References		http://hornetq.com https://github.com/JAckLosingHeart/CWE-378/blob/main/CVE-2024-51127.md

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-11-04T00:00:00

Updated: 2024-11-06T16:11:29.503Z

Reserved: 2024-10-28T00:00:00

Link: CVE-2024-51127

Vulnrichment

No data.

NVD

Status : Modified

Published: 2024-11-04T18:15:05.113

Modified: 2024-11-21T09:45:17.017

Link: CVE-2024-51127

Redhat

Severity : Important

Publid Date: 2024-11-04T00:00:00Z

Links: CVE-2024-51127 - Bugzilla

{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-51127", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-11-06T16:11:29.503Z", "dateReserved": "2024-10-28T00:00:00", "datePublished": "2024-11-04T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-11-04T17:13:29.707070"}, "descriptions": [{"lang": "en", "value": "An issue in the createTempFile method of hornetq v2.4.9 allows attackers to arbitrarily overwrite files or access sensitive information."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "http://hornetq.com"}, {"url": "https://github.com/JAckLosingHeart/CWE-378/blob/main/CVE-2024-51127.md"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-22", "lang": "en", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "affected": [{"vendor": "redhat", "product": "hornetq", "cpes": ["cpe:2.3:a:redhat:hornetq:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.4.9", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-11-06T16:04:11.127415Z", "id": "CVE-2024-51127", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-06T16:11:29.503Z"}}]}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:hornetq:*:*:*:*:*:*:*:*", "matchCriteriaId": "5439269D-3160-4A8D-A488-33F5120D0FEC", "versionEndIncluding": "2.4.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue in the createTempFile method of hornetq v2.4.9 allows attackers to arbitrarily overwrite files or access sensitive information."}, {"lang": "es", "value": " Un problema en el m\u00e9todo createTempFile de hornetq v2.4.9 permite a los atacantes sobrescribir archivos arbitrariamente o acceder a informaci\u00f3n confidencial."}], "id": "CVE-2024-51127", "lastModified": "2024-11-21T09:45:17.017", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-11-04T18:15:05.113", "references": [{"source": "cve@mitre.org", "tags": ["Product"], "url": "http://hornetq.com"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mitigation"], "url": "https://github.com/JAckLosingHeart/CWE-378/blob/main/CVE-2024-51127.md"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2024:11531", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4", "product_name": "Red Hat JBoss Enterprise Application Platform 7", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2025:1635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4", "package": "org.hornetq/hornetq-core-client", "product_name": "Red Hat JBoss Enterprise Application Platform 7", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2024:11529", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-hornetq-0:2.4.11-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2025:1637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-hal-console-0:3.3.25-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2025:1637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-hibernate-0:5.3.37-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2025:1637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-jbossws-common-0:3.4.0-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2025:1637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-jbossws-cxf-0:5.4.14-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2025:1637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-opensaml-0:3.4.6-1.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2025:1637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-wildfly-0:7.4.21-2.GA_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2025:1637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-xml-security-0:2.3.5-1.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2024:11529", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-hornetq-0:2.4.11-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2025:1638", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-hal-console-0:3.3.25-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2025:1638", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-hibernate-0:5.3.37-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2025:1638", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jbossws-common-0:3.4.0-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2025:1638", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jbossws-cxf-0:5.4.14-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2025:1638", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-opensaml-0:3.4.6-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2025:1638", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-wildfly-0:7.4.21-2.GA_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2025:1638", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-xml-security-0:2.3.5-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2024:11529", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package": "eap7-hornetq-0:2.4.11-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2025:1636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package": "eap7-hal-console-0:3.3.25-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2025:1636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package": "eap7-hibernate-0:5.3.37-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2025:1636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package": "eap7-jbossws-common-0:3.4.0-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2025:1636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package": "eap7-jbossws-cxf-0:5.4.14-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2025:1636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package": "eap7-opensaml-0:3.4.6-1.redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2025:1636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package": "eap7-wildfly-0:7.4.21-2.GA_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2025:1636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package": "eap7-xml-security-0:2.3.5-1.redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date": "2025-02-18T00:00:00Z"}, {"advisory": "RHSA-2024:11570", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0", "package": "org.hornetq/hornetq-core-client", "product_name": "Red Hat JBoss Enterprise Application Platform 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11570", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0", "package": "org.jboss.eap-jboss-eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2025:0372", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0", "package": "org.hornetq/hornetq-core-client", "product_name": "Red Hat JBoss Enterprise Application Platform 8", "release_date": "2025-01-16T00:00:00Z"}, {"advisory": "RHSA-2025:0372", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0", "package": "org.jboss.eap-jboss-eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8", "release_date": "2025-01-16T00:00:00Z"}, {"advisory": "RHSA-2025:0372", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0", "package": "org.jboss.ws.cxf-jbossws-cxf", "product_name": "Red Hat JBoss Enterprise Application Platform 8", "release_date": "2025-01-16T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-activemq-artemis-0:2.33.0-2.redhat_00016.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-angus-activation-0:2.0.2-1.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-apache-commons-lang-0:3.14.0-3.redhat_00007.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-atinject-0:2.0.1-3.redhat_00006.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-azure-storage-0:8.6.6-4.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-commons-logging-jboss-logging-0:1.0.0-2.Final_redhat_1.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-eap-product-conf-parent-0:800.5.0-1.GA_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-ecj-1:3.31.0-2.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-expressly-0:5.0.0-5.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-hal-console-0:3.6.20-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-hibernate-0:6.2.32-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-hornetq-0:2.4.10-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-jakarta-activation-0:2.1.3-1.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-jakarta-xml-bind-api-0:4.0.2-1.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-jansi-0:1.18.0-2.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-javaee-security-soteria-0:3.0.0-3.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-jboss-ejb-client-0:5.0.8-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-jboss-marshalling-0:2.1.6-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-jboss-remoting-0:5.0.30-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-jboss-weld-api-0:5.0.0-4.SP3_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-jbossws-cxf-0:7.3.0-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-jctools-0:4.0.5-1.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-jsonb-spec-0:3.0.1-1.redhat_00002.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-narayana-0:6.0.4-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-netty-0:4.1.114-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-netty-transport-native-epoll-0:4.1.114-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-parsson-0:1.1.7-1.redhat_00002.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-resteasy-0:6.2.11-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-undertow-0:2.3.18-1.SP1_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-undertow-jastow-0:2.2.8-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-vdx-0:1.1.6-3.redhat_1.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-wildfly-0:8.0.5-3.GA_redhat_00002.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-wildfly-elytron-0:2.2.7-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-wildfly-elytron-ee-0:3.0.3-2.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-yasson-0:3.0.4-1.redhat_00002.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2025:0371", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-eap-product-conf-parent-0:800.5.1-1.GA_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2025-01-16T00:00:00Z"}, {"advisory": "RHSA-2025:0371", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-hornetq-0:2.4.11-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2025-01-16T00:00:00Z"}, {"advisory": "RHSA-2025:0371", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-jgroups-1:5.2.23-2.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2025-01-16T00:00:00Z"}, {"advisory": "RHSA-2025:0371", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-wildfly-0:8.0.5-5.GA_redhat_00004.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2025-01-16T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-activemq-artemis-0:2.33.0-2.redhat_00016.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-angus-activation-0:2.0.2-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-apache-commons-lang-0:3.14.0-3.redhat_00007.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-atinject-0:2.0.1-3.redhat_00006.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-azure-storage-0:8.6.6-4.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-commons-logging-jboss-logging-0:1.0.0-2.Final_redhat_1.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-eap-product-conf-parent-0:800.5.0-1.GA_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-ecj-1:3.31.0-2.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-expressly-0:5.0.0-5.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-hal-console-0:3.6.20-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-hibernate-0:6.2.32-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-hornetq-0:2.4.10-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-jakarta-activation-0:2.1.3-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-jakarta-xml-bind-api-0:4.0.2-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-jansi-0:1.18.0-2.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-javaee-security-soteria-0:3.0.0-3.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-jboss-ejb-client-0:5.0.8-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-jboss-marshalling-0:2.1.6-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-jboss-remoting-0:5.0.30-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-jboss-weld-api-0:5.0.0-4.SP3_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-jbossws-cxf-0:7.3.0-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-jctools-0:4.0.5-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-jsonb-spec-0:3.0.1-1.redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-narayana-0:6.0.4-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-netty-0:4.1.114-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-netty-transport-native-epoll-0:4.1.114-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-parsson-0:1.1.7-1.redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-resteasy-0:6.2.11-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-undertow-0:2.3.18-1.SP1_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-undertow-jastow-0:2.2.8-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-vdx-0:1.1.6-3.redhat_1.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-wildfly-0:8.0.5-3.GA_redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-wildfly-elytron-0:2.2.7-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-wildfly-elytron-ee-0:3.0.3-2.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2024:11560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-yasson-0:3.0.4-1.redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-12-19T00:00:00Z"}, {"advisory": "RHSA-2025:0371", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-eap-product-conf-parent-0:800.5.1-1.GA_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2025-01-16T00:00:00Z"}, {"advisory": "RHSA-2025:0371", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-hornetq-0:2.4.11-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2025-01-16T00:00:00Z"}, {"advisory": "RHSA-2025:0371", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-jgroups-1:5.2.23-2.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2025-01-16T00:00:00Z"}, {"advisory": "RHSA-2025:0371", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-wildfly-0:8.0.5-5.GA_redhat_00004.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2025-01-16T00:00:00Z"}], "bugzilla": {"description": "hornetq-core-client: Arbitrarily overwrite files or access sensitive information", "id": "2323697", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2323697"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "status": "verified"}, "cwe": "CWE-22", "details": ["An issue in the createTempFile method of hornetq v2.4.9 allows attackers to arbitrarily overwrite files or access sensitive information.", "A flaw was found in the createTempFile method of hornetq. Affected version of hornetq allows attackers to arbitrarily overwrite files or access sensitive information."], "mitigation": {"lang": "en:us", "value": "There is currently no known mitigation for this vulnerability."}, "name": "CVE-2024-51127", "package_state": [{"cpe": "cpe:/a:redhat:build_keycloak:", "fix_state": "Not affected", "package_name": "org.hornetq/hornetq-core-client", "product_name": "Red Hat Build of Keycloak"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Will not fix", "package_name": "org.hornetq/hornetq-core-client", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Out of support scope", "package_name": "org.hornetq/hornetq-core-client", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Not affected", "package_name": "org.hornetq/hornetq-core-client", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Not affected", "package_name": "org.jboss.eap-jboss-eap", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Not affected", "package_name": "org.jboss.eap-jboss-eap-xp", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", "fix_state": "Not affected", "package_name": "org.hornetq/hornetq-core-client", "product_name": "Red Hat Process Automation 7"}, {"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7", "fix_state": "Not affected", "package_name": "org.hornetq/hornetq-core-client", "product_name": "Red Hat Single Sign-On 7"}], "public_date": "2024-11-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-51127\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-51127\nhttp://hornetq.com\nhttps://github.com/JAckLosingHeart/CWE-378/blob/main/CVE-2024-51127.md"], "threat_severity": "Important"}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object