{ "threat_severity" : "Moderate", "public_date" : "2023-01-06T00:00:00Z", "bugzilla" : { "description" : "apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider", "id" : "2158916", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2158916" }, "cvss3" : { "cvss3_base_score" : "5.5", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "status" : "verified" }, "cwe" : "CWE-200", "details" : [ "Unproper laxist permissions on the temporary files used by MIME4J TempFileStorageProvider may lead to information disclosure to other local users. This issue affects Apache James MIME4J version 0.8.8 and prior versions.\nWe recommend users to upgrade to MIME4j version 0.8.9 or later.", "A flaw was found in Apache James's Mime4j TempFileStorageProvider class, where it may set improper permissions when utilizing temporary files. This flaw allows a locally authorized attacker to access information outside their intended permissions." ], "affected_release" : [ { "product_name" : "Red Hat build of Quarkus 2.13.8.Final", "release_date" : "2023-06-29T00:00:00Z", "advisory" : "RHSA-2023:3809", "cpe" : "cpe:/a:redhat:quarkus:2.13::el8", "package" : "org.apache.james/apache-mime4j-storage:0.8.9.redhat-00001" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1516", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4", "package" : "apache-james-mime4j", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1513", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1513", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1513", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1513", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1513", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1513", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1513", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1513", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1513", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1513", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1513", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1513", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1513", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1513", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1513", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1513", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1513", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1513", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1513", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1513", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1513", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1514", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1514", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1514", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1514", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1514", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1514", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1514", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1514", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1514", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1514", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1514", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1514", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1514", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1514", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1514", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1514", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1514", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1514", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1514", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1514", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1514", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1512", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1512", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1512", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1512", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1512", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1512", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1512", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1512", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1512", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1512", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1512", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1512", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1512", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1512", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1512", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1512", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1512", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1512", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1512", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1512", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-03-29T00:00:00Z", "advisory" : "RHSA-2023:1512", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat Single Sign-On 7", "release_date" : "2023-05-10T00:00:00Z", "advisory" : "RHSA-2023:2713", "cpe" : "cpe:/a:redhat:red_hat_single_sign_on:7.6.3", "package" : "apache-james-mime4j" }, { "product_name" : "Red Hat Single Sign-On 7.6 for RHEL 7", "release_date" : "2023-05-10T00:00:00Z", "advisory" : "RHSA-2023:2705", "cpe" : "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7", "package" : "rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso" }, { "product_name" : "Red Hat Single Sign-On 7.6 for RHEL 8", "release_date" : "2023-05-10T00:00:00Z", "advisory" : "RHSA-2023:2706", "cpe" : "cpe:/a:redhat:red_hat_single_sign_on:7.6::el8", "package" : "rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el8sso" }, { "product_name" : "Red Hat Single Sign-On 7.6 for RHEL 9", "release_date" : "2023-05-10T00:00:00Z", "advisory" : "RHSA-2023:2707", "cpe" : "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9", "package" : "rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el9sso" }, { "product_name" : "RHEL-8 based Middleware Containers", "release_date" : "2023-05-10T00:00:00Z", "advisory" : "RHSA-2023:2710", "cpe" : "cpe:/a:redhat:rhosemc:1.0::el8", "package" : "rh-sso-7/sso76-openshift-rhel8:7.6-22" }, { "product_name" : "RHINT Service Registry 2.4.3 GA", "release_date" : "2023-06-27T00:00:00Z", "advisory" : "RHSA-2023:3815", "cpe" : "cpe:/a:redhat:service_registry:2.4", "package" : "apache-james-mime4j" } ], "package_state" : [ { "product_name" : "Logging Subsystem for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "openshift-logging/elasticsearch6-rhel8", "cpe" : "cpe:/a:redhat:logging:5" }, { "product_name" : "Migration Toolkit for Applications 6", "fix_state" : "Not affected", "package_name" : "org.keycloak-keycloak-parent", "cpe" : "cpe:/a:redhat:migration_toolkit_applications:6" }, { "product_name" : "Migration Toolkit for Runtimes", "fix_state" : "Not affected", "package_name" : "org.keycloak-keycloak-parent", "cpe" : "cpe:/a:redhat:migration_toolkit_runtimes:1" }, { "product_name" : "Red Hat build of Apache Camel for Spring Boot 3", "fix_state" : "Fix deferred", "package_name" : "apache-james-mime4j", "cpe" : "cpe:/a:redhat:camel_spring_boot:3", "impact" : "low" }, { "product_name" : "Red Hat Data Grid 8", "fix_state" : "Not affected", "package_name" : "apache-james-mime4j", "cpe" : "cpe:/a:redhat:jboss_data_grid:8" }, { "product_name" : "Red Hat Decision Manager 7", "fix_state" : "Out of support scope", "package_name" : "apache-james-mime4j", "cpe" : "cpe:/a:redhat:jboss_enterprise_brms_platform:7" }, { "product_name" : "Red Hat Fuse 7", "fix_state" : "Out of support scope", "package_name" : "apache-james-mime4j", "cpe" : "cpe:/a:redhat:jboss_fuse:7" }, { "product_name" : "Red Hat Integration Camel K 1", "fix_state" : "Fix deferred", "package_name" : "apache-james-mime4j", "cpe" : "cpe:/a:redhat:integration:1", "impact" : "low" }, { "product_name" : "Red Hat Integration Camel Quarkus 1", "fix_state" : "Will not fix", "package_name" : "apache-james-mime4j", "cpe" : "cpe:/a:redhat:camel_quarkus:2" }, { "product_name" : "Red Hat JBoss Data Grid 7", "fix_state" : "Out of support scope", "package_name" : "apache-james-mime4j", "cpe" : "cpe:/a:redhat:jboss_data_grid:7" }, { "product_name" : "Red Hat JBoss Data Virtualization 6", "fix_state" : "Out of support scope", "package_name" : "apache-james-mime4j", "cpe" : "cpe:/a:redhat:jboss_data_virtualization:6" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 6", "fix_state" : "Out of support scope", "package_name" : "apache-james-mime4j", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:6" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform Expansion Pack", "fix_state" : "Affected", "package_name" : "apache-james-mime4j", "cpe" : "cpe:/a:redhat:jbosseapxp", "impact" : "low" }, { "product_name" : "Red Hat JBoss Fuse 6", "fix_state" : "Out of support scope", "package_name" : "apache-james-mime4j", "cpe" : "cpe:/a:redhat:jboss_fuse:6" }, { "product_name" : "Red Hat JBoss Fuse Service Works 6", "fix_state" : "Out of support scope", "package_name" : "apache-james-mime4j", "cpe" : "cpe:/a:redhat:jboss_fuse_service_works:6" }, { "product_name" : "Red Hat OpenShift Application Runtimes", "fix_state" : "Not affected", "package_name" : "apache-james-mime4j", "cpe" : "cpe:/a:redhat:openshift_application_runtimes:1.0" }, { "product_name" : "Red Hat Process Automation 7", "fix_state" : "Out of support scope", "package_name" : "apache-james-mime4j", "cpe" : "cpe:/a:redhat:jboss_enterprise_bpms_platform:7" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Out of support scope", "package_name" : "apache-james-mime4j", "cpe" : "cpe:/a:redhat:satellite:6" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-45787\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-45787" ], "name" : "CVE-2022-45787", "csaw" : false }