Red Hat Product Security has determined that this CVE is not a security vulnerability.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Redhat
  • Jboss Enterprise Application Platform

No data.

Package CPE Advisory Released Date
Red Hat JBoss Enterprise Application Platform 7.4.20
undertow cpe:/a:redhat:jboss_enterprise_application_platform:7.4 RHSA-2024:10933 2024-12-10T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8
eap7-activemq-artemis-0:2.16.0-19.redhat_00053.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8 RHSA-2024:10928 2024-12-11T00:00:00Z
eap7-byte-buddy-0:1.11.12-3.redhat_00003.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8 RHSA-2024:10928 2024-12-11T00:00:00Z
eap7-jaxen-0:1.1.6-15.redhat_00003.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8 RHSA-2024:10928 2024-12-11T00:00:00Z
eap7-jboss-ejb-client-0:4.0.56-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8 RHSA-2024:10928 2024-12-11T00:00:00Z
eap7-jboss-remoting-0:5.0.30-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8 RHSA-2024:10928 2024-12-11T00:00:00Z
eap7-jboss-server-migration-0:1.10.0-40.Final_redhat_00040.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8 RHSA-2024:10928 2024-12-11T00:00:00Z
eap7-jbossws-cxf-0:5.4.13-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8 RHSA-2024:10928 2024-12-11T00:00:00Z
eap7-log4j-jboss-logmanager-0:1.3.1-2.Final_redhat_00003.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8 RHSA-2024:10928 2024-12-11T00:00:00Z
eap7-picketlink-bindings-0:2.5.5-28.SP12_redhat_00017.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8 RHSA-2024:10928 2024-12-11T00:00:00Z
eap7-resteasy-0:3.15.10-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8 RHSA-2024:10928 2024-12-11T00:00:00Z
eap7-undertow-0:2.2.37-1.SP2_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8 RHSA-2024:10928 2024-12-11T00:00:00Z
eap7-wildfly-0:7.4.20-2.GA_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8 RHSA-2024:10928 2024-12-11T00:00:00Z
eap7-wildfly-http-client-0:1.1.18-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8 RHSA-2024:10928 2024-12-11T00:00:00Z
eap7-woodstox-core-0:6.4.0-2.redhat_00003.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8 RHSA-2024:10928 2024-12-11T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9
eap7-activemq-artemis-0:2.16.0-19.redhat_00053.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9 RHSA-2024:10929 2024-12-11T00:00:00Z
eap7-byte-buddy-0:1.11.12-3.redhat_00003.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9 RHSA-2024:10929 2024-12-11T00:00:00Z
eap7-jaxen-0:1.1.6-15.redhat_00003.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9 RHSA-2024:10929 2024-12-11T00:00:00Z
eap7-jboss-ejb-client-0:4.0.56-1.Final_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9 RHSA-2024:10929 2024-12-11T00:00:00Z
eap7-jboss-remoting-0:5.0.30-1.Final_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9 RHSA-2024:10929 2024-12-11T00:00:00Z
eap7-jboss-server-migration-0:1.10.0-40.Final_redhat_00040.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9 RHSA-2024:10929 2024-12-11T00:00:00Z
eap7-jbossws-cxf-0:5.4.13-1.Final_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9 RHSA-2024:10929 2024-12-11T00:00:00Z
eap7-log4j-jboss-logmanager-0:1.3.1-2.Final_redhat_00003.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9 RHSA-2024:10929 2024-12-11T00:00:00Z
eap7-picketlink-bindings-0:2.5.5-28.SP12_redhat_00017.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9 RHSA-2024:10929 2024-12-11T00:00:00Z
eap7-resteasy-0:3.15.10-1.Final_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9 RHSA-2024:10929 2024-12-11T00:00:00Z
eap7-undertow-0:2.2.37-1.SP2_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9 RHSA-2024:10929 2024-12-11T00:00:00Z
eap7-wildfly-0:7.4.20-2.GA_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9 RHSA-2024:10929 2024-12-11T00:00:00Z
eap7-wildfly-http-client-0:1.1.18-1.Final_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9 RHSA-2024:10929 2024-12-11T00:00:00Z
eap7-woodstox-core-0:6.4.0-2.redhat_00003.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9 RHSA-2024:10929 2024-12-11T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7
eap7-activemq-artemis-0:2.16.0-19.redhat_00053.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7 RHSA-2024:10927 2024-12-11T00:00:00Z
eap7-byte-buddy-0:1.11.12-3.redhat_00003.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7 RHSA-2024:10927 2024-12-11T00:00:00Z
eap7-jaxen-0:1.1.6-15.redhat_00003.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7 RHSA-2024:10927 2024-12-11T00:00:00Z
eap7-jboss-ejb-client-0:4.0.56-1.Final_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7 RHSA-2024:10927 2024-12-11T00:00:00Z
eap7-jboss-remoting-0:5.0.30-1.Final_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7 RHSA-2024:10927 2024-12-11T00:00:00Z
eap7-jboss-server-migration-0:1.10.0-40.Final_redhat_00040.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7 RHSA-2024:10927 2024-12-11T00:00:00Z
eap7-jbossws-cxf-0:5.4.13-1.Final_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7 RHSA-2024:10927 2024-12-11T00:00:00Z
eap7-log4j-jboss-logmanager-0:1.3.1-2.Final_redhat_00003.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7 RHSA-2024:10927 2024-12-11T00:00:00Z
eap7-picketlink-bindings-0:2.5.5-28.SP12_redhat_00017.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7 RHSA-2024:10927 2024-12-11T00:00:00Z
eap7-resteasy-0:3.15.10-1.Final_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7 RHSA-2024:10927 2024-12-11T00:00:00Z
eap7-undertow-0:2.2.37-1.SP2_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7 RHSA-2024:10927 2024-12-11T00:00:00Z
eap7-wildfly-0:7.4.20-2.GA_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7 RHSA-2024:10927 2024-12-11T00:00:00Z
eap7-wildfly-http-client-0:1.1.18-1.Final_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7 RHSA-2024:10927 2024-12-11T00:00:00Z
eap7-woodstox-core-0:6.4.0-2.redhat_00003.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7 RHSA-2024:10927 2024-12-11T00:00:00Z
Red Hat JBoss Enterprise Application Platform 8
cpe:/a:redhat:jboss_enterprise_application_platform:8.0 RHSA-2024:11570 2024-12-19T00:00:00Z
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8
eap8-activemq-artemis-0:2.33.0-2.redhat_00016.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-angus-activation-0:2.0.2-1.redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-apache-commons-lang-0:3.14.0-3.redhat_00007.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-atinject-0:2.0.1-3.redhat_00006.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-azure-storage-0:8.6.6-4.redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-commons-logging-jboss-logging-0:1.0.0-2.Final_redhat_1.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-eap-product-conf-parent-0:800.5.0-1.GA_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-ecj-1:3.31.0-2.redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-expressly-0:5.0.0-5.redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-hal-console-0:3.6.20-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-hibernate-0:6.2.32-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-hornetq-0:2.4.10-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-jakarta-activation-0:2.1.3-1.redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-jakarta-xml-bind-api-0:4.0.2-1.redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-jansi-0:1.18.0-2.redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-javaee-security-soteria-0:3.0.0-3.redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-jboss-ejb-client-0:5.0.8-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-jboss-marshalling-0:2.1.6-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-jboss-remoting-0:5.0.30-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-jboss-weld-api-0:5.0.0-4.SP3_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-jbossws-cxf-0:7.3.0-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-jctools-0:4.0.5-1.redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-jsonb-spec-0:3.0.1-1.redhat_00002.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-narayana-0:6.0.4-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-netty-0:4.1.114-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-netty-transport-native-epoll-0:4.1.114-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-parsson-0:1.1.7-1.redhat_00002.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-resteasy-0:6.2.11-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-undertow-0:2.3.18-1.SP1_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-undertow-jastow-0:2.2.8-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-vdx-0:1.1.6-3.redhat_1.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-wildfly-0:8.0.5-3.GA_redhat_00002.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-wildfly-elytron-0:2.2.7-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-wildfly-elytron-ee-0:3.0.3-2.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
eap8-yasson-0:3.0.4-1.redhat_00002.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 RHSA-2024:11559 2024-12-19T00:00:00Z
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9
eap8-activemq-artemis-0:2.33.0-2.redhat_00016.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-angus-activation-0:2.0.2-1.redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-apache-commons-lang-0:3.14.0-3.redhat_00007.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-atinject-0:2.0.1-3.redhat_00006.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-azure-storage-0:8.6.6-4.redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-commons-logging-jboss-logging-0:1.0.0-2.Final_redhat_1.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-eap-product-conf-parent-0:800.5.0-1.GA_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-ecj-1:3.31.0-2.redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-expressly-0:5.0.0-5.redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-hal-console-0:3.6.20-1.Final_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-hibernate-0:6.2.32-1.Final_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-hornetq-0:2.4.10-1.Final_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-jakarta-activation-0:2.1.3-1.redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-jakarta-xml-bind-api-0:4.0.2-1.redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-jansi-0:1.18.0-2.redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-javaee-security-soteria-0:3.0.0-3.redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-jboss-ejb-client-0:5.0.8-1.Final_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-jboss-marshalling-0:2.1.6-1.Final_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-jboss-remoting-0:5.0.30-1.Final_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-jboss-weld-api-0:5.0.0-4.SP3_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-jbossws-cxf-0:7.3.0-1.Final_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-jctools-0:4.0.5-1.redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-jsonb-spec-0:3.0.1-1.redhat_00002.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-narayana-0:6.0.4-1.Final_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-netty-0:4.1.114-1.Final_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-netty-transport-native-epoll-0:4.1.114-1.Final_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-parsson-0:1.1.7-1.redhat_00002.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-resteasy-0:6.2.11-1.Final_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-undertow-0:2.3.18-1.SP1_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-undertow-jastow-0:2.2.8-1.Final_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-vdx-0:1.1.6-3.redhat_1.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-wildfly-0:8.0.5-3.GA_redhat_00002.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-wildfly-elytron-0:2.2.7-1.Final_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-wildfly-elytron-ee-0:3.0.3-2.Final_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
eap8-yasson-0:3.0.4-1.redhat_00002.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 RHSA-2024:11560 2024-12-19T00:00:00Z
References
Link Providers
https://github.com/undertow-io/undertow/pull/1668# cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-4109 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-4109 cve-icon
History

Thu, 13 Feb 2025 00:45:00 +0000

Type Values Removed Values Added
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

threat_severity

Moderate

 cvssV3_1

{'score': 0.0, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N'}

threat_severity

None

Thu, 16 Jan 2025 22:45:00 +0000

Type Values Removed Values Added
References
Metrics cvssV3_1

{'score': 0.0, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N'}

 cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

Thu, 16 Jan 2025 22:15:00 +0000

Type Values Removed Values Added
Title Undertow: information leakage via http/2 request header reuse undertow: information leakage via HTTP/2 request header reuse
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 16 Jan 2025 22:00:00 +0000

Type Values Removed Values Added
Description A flaw was found in Undertow. An HTTP request header value from a previous stream may be incorrectly reused for a request associated with a subsequent stream on the same HTTP/2 connection. This issue can potentially lead to information leakage between requests. Red Hat Product Security has determined that this CVE is not a security vulnerability.

Thu, 16 Jan 2025 20:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:build_keycloak:
cpe:/a:redhat:camel_spring_boot:3
cpe:/a:redhat:camel_spring_boot:4
cpe:/a:redhat:integration:1
cpe:/a:redhat:jboss_data_grid:7
cpe:/a:redhat:jboss_data_grid:8
cpe:/a:redhat:jboss_enterprise_bpms_platform:7
cpe:/a:redhat:jboss_fuse:7
cpe:/a:redhat:jbosseapxp
cpe:/a:redhat:red_hat_single_sign_on:7
cpe:/a:redhat:rhboac_hawtio:4
Vendors & Products Redhat build Keycloak
Redhat camel Spring Boot
Redhat integration
Redhat jboss Data Grid
Redhat jboss Enterprise Bpms Platform
Redhat jboss Fuse
Redhat jbosseapxp
Redhat red Hat Single Sign On
Redhat rhboac Hawtio
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

 cvssV3_1

{'score': 0, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N'}

Thu, 19 Dec 2024 16:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:jboss_enterprise_application_platform:8.0
cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9
References

Thu, 19 Dec 2024 15:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:jboss_enterprise_application_platform:8 cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8
References

Tue, 17 Dec 2024 11:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:jboss_enterprise_application_platform:7
References

Mon, 16 Dec 2024 02:15:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:jboss_enterprise_application_platform:7.4
cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7
cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8
cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9

Thu, 12 Dec 2024 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 12 Dec 2024 13:45:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 threat_severity

Moderate

Thu, 12 Dec 2024 09:15:00 +0000

Type Values Removed Values Added
Description A flaw was found in Undertow. An HTTP request header value from a previous stream may be incorrectly reused for a request associated with a subsequent stream on the same HTTP/2 connection. This issue can potentially lead to information leakage between requests.
Title Undertow: information leakage via http/2 request header reuse
First Time appeared Redhat
Redhat build Keycloak
Redhat camel Spring Boot
Redhat integration
Redhat jboss Data Grid
Redhat jboss Enterprise Application Platform
Redhat jboss Enterprise Bpms Platform
Redhat jboss Fuse
Redhat jbosseapxp
Redhat red Hat Single Sign On
Redhat rhboac Hawtio
Weaknesses CWE-200
CPEs cpe:/a:redhat:build_keycloak:
cpe:/a:redhat:camel_spring_boot:3
cpe:/a:redhat:camel_spring_boot:4
cpe:/a:redhat:integration:1
cpe:/a:redhat:jboss_data_grid:7
cpe:/a:redhat:jboss_data_grid:8
cpe:/a:redhat:jboss_enterprise_application_platform:7
cpe:/a:redhat:jboss_enterprise_application_platform:8
cpe:/a:redhat:jboss_enterprise_bpms_platform:7
cpe:/a:redhat:jboss_fuse:7
cpe:/a:redhat:jbosseapxp
cpe:/a:redhat:red_hat_single_sign_on:7
cpe:/a:redhat:rhboac_hawtio:4
Vendors & Products Redhat
Redhat build Keycloak
Redhat camel Spring Boot
Redhat integration
Redhat jboss Data Grid
Redhat jboss Enterprise Application Platform
Redhat jboss Enterprise Bpms Platform
Redhat jboss Fuse
Redhat jbosseapxp
Redhat red Hat Single Sign On
Redhat rhboac Hawtio
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}
cve-icon MITRE

Status: REJECTED

Assigner: redhat

Published: 2024-12-12T09:04:50.299Z

Updated: 2025-01-16T21:48:39.856Z

Reserved: 2024-04-24T00:55:26.417Z

Link: CVE-2024-4109

cve-icon Vulnrichment

Updated:

cve-icon NVD

Status : Rejected

Published: 2024-12-12T09:15:06.207

Modified: 2025-01-16T22:15:40.107

Link: CVE-2024-4109

cve-icon Redhat

Severity :

Publid Date: 2024-12-10T16:35:00Z

Links: CVE-2024-4109 - Bugzilla