{ "threat_severity" : "Important", "public_date" : "2020-09-22T00:00:00Z", "bugzilla" : { "description" : "wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL", "id" : "1885485", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1885485" }, "cvss3" : { "cvss3_base_score" : "7.5", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-401", "details" : [ "A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. It may allow the attacker to cause OOM leading to a denial of service. The highest threat from this vulnerability is to system availability.", "A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. This flaw allows an attacker to cause an Out of memory (OOM) issue, leading to a denial of service. The highest threat from this vulnerability is to system availability." ], "affected_release" : [ { "product_name" : "EAP 7.3.3", "release_date" : "2020-11-04T00:00:00Z", "advisory" : "RHSA-2020:4923", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3", "package" : "wildfly-openssl-natives-parent" }, { "product_name" : "Red Hat Data Grid 7.3.8", "release_date" : "2020-12-14T00:00:00Z", "advisory" : "RHSA-2020:5410", "cpe" : "cpe:/a:redhat:jboss_data_grid:7.3", "package" : "wildfly-openssl" }, { "product_name" : "Red Hat Data Grid 8.1.1", "release_date" : "2021-02-08T00:00:00Z", "advisory" : "RHSA-2021:0433", "cpe" : "cpe:/a:redhat:jboss_data_grid:8", "package" : "wildfly-openssl", "impact" : "moderate" }, { "product_name" : "Red Hat Fuse 7.9", "release_date" : "2021-08-11T00:00:00Z", "advisory" : "RHSA-2021:3140", "cpe" : "cpe:/a:redhat:jboss_fuse:7", "package" : "wildfly-openssl", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7", "release_date" : "2020-10-14T00:00:00Z", "advisory" : "RHSA-2020:4257", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3", "package" : "wildfly-openssl-natives-parent" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5344", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date" : "2025-06-25T00:00:00Z", "advisory" : "RHSA-2025:9582", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package" : "eap7-glassfish-el-0:3.0.1-4.b08_redhat_00005.1.ep7.el7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date" : "2025-06-25T00:00:00Z", "advisory" : "RHSA-2025:9582", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package" : "eap7-hibernate-0:5.1.17-3.Final_redhat_00004.1.ep7.el7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date" : "2025-06-25T00:00:00Z", "advisory" : "RHSA-2025:9582", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package" : "eap7-jackson-databind-0:2.8.11.6-3.SP1_redhat_00003.1.ep7.el7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date" : "2025-06-25T00:00:00Z", "advisory" : "RHSA-2025:9582", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package" : "eap7-jboss-ejb-client-0:4.0.12-1.Final_redhat_00002.1.ep7.el7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date" : "2025-06-25T00:00:00Z", "advisory" : "RHSA-2025:9582", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package" : "eap7-netty-0:4.1.63-2.Final_redhat_00003.1.ep7.el7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date" : "2025-06-25T00:00:00Z", "advisory" : "RHSA-2025:9582", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package" : "eap7-undertow-0:1.4.18-16.SP14_redhat_00001.1.ep7.el7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date" : "2025-06-25T00:00:00Z", "advisory" : "RHSA-2025:9582", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package" : "eap7-wildfly-0:7.1.11-4.GA_redhat_00002.1.ep7.el7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date" : "2025-06-25T00:00:00Z", "advisory" : "RHSA-2025:9582", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package" : "eap7-wildfly-elytron-0:1.1.14-1.Final_redhat_00001.1.ep7.el7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date" : "2025-06-25T00:00:00Z", "advisory" : "RHSA-2025:9582", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package" : "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.ep7.el7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date" : "2025-06-25T00:00:00Z", "advisory" : "RHSA-2025:9582", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package" : "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.ep7.el7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date" : "2025-06-25T00:00:00Z", "advisory" : "RHSA-2025:9582", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package" : "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.ep7.el7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date" : "2025-06-25T00:00:00Z", "advisory" : "RHSA-2025:9582", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package" : "eap7-wildfly-openssl-linux-0:1.0.12-6.Final_redhat_00001.1.ep7.el7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-10-14T00:00:00Z", "advisory" : "RHSA-2020:4256", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-wildfly-openssl-linux-x86_64-0:1.0.11-1.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-11-04T00:00:00Z", "advisory" : "RHSA-2020:4922", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-wildfly-openssl-linux-x86_64-0:1.0.12-1.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5340", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5340", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5340", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5340", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5340", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5340", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5340", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5340", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5340", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5340", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5340", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5340", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5340", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5340", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5340", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5340", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5340", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5340", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5340", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5340", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6", "package" : "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-10-14T00:00:00Z", "advisory" : "RHSA-2020:4256", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-wildfly-openssl-linux-x86_64-0:1.0.11-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-11-04T00:00:00Z", "advisory" : "RHSA-2020:4922", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-wildfly-openssl-linux-x86_64-0:1.0.12-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5341", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5341", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5341", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5341", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5341", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5341", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5341", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5341", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5341", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5341", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5341", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5341", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5341", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5341", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5341", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5341", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5341", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5341", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5341", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5341", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7", "package" : "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-10-14T00:00:00Z", "advisory" : "RHSA-2020:4256", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-wildfly-openssl-linux-x86_64-0:1.0.11-1.Final_redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-11-04T00:00:00Z", "advisory" : "RHSA-2020:4922", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-wildfly-openssl-linux-x86_64-0:1.0.12-1.Final_redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5342", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5342", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5342", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5342", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5342", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5342", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5342", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5342", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5342", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5342", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5342", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5342", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5342", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5342", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5342", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5342", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5342", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5342", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5342", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8", "release_date" : "2020-12-03T00:00:00Z", "advisory" : "RHSA-2020:5342", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8", "package" : "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap" }, { "product_name" : "Red Hat Single Sign-On 7.4.3 one-off", "release_date" : "2020-11-09T00:00:00Z", "advisory" : "RHSA-2020:4978", "cpe" : "cpe:/a:redhat:jboss_single_sign_on:7.4", "package" : "wildfly-openssl" } ], "package_state" : [ { "product_name" : "Red Hat Decision Manager 7", "fix_state" : "Not affected", "package_name" : "wildfly-openssl", "cpe" : "cpe:/a:redhat:jboss_enterprise_brms_platform:7" }, { "product_name" : "Red Hat OpenShift Application Runtimes", "fix_state" : "Affected", "package_name" : "wildfly-openssl", "cpe" : "cpe:/a:redhat:openshift_application_runtimes:1.0" }, { "product_name" : "Red Hat Process Automation 7", "fix_state" : "Not affected", "package_name" : "wildfly-openssl", "cpe" : "cpe:/a:redhat:jboss_enterprise_bpms_platform:7" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2020-25644\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-25644" ], "name" : "CVE-2020-25644", "mitigation" : { "value" : "There is currently no known mitigation for this issue.", "lang" : "en:us" }, "csaw" : false }