{ "threat_severity" : "Important", "public_date" : "2025-06-25T17:02:57Z", "bugzilla" : { "description" : "com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError", "id" : "2374804", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2374804" }, "cvss3" : { "cvss3_base_score" : "7.5", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-121", "details" : [ "jackson-core contains core low-level incremental (\"streaming\") parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a user parses an input file and it has deeply nested data, Jackson could end up throwing a StackoverflowError if the depth is particularly large. jackson-core 2.15.0 contains a configurable limit for how deep Jackson will traverse in an input document, defaulting to an allowable depth of 1000. jackson-core will throw a StreamConstraintsException if the limit is reached. jackson-databind also benefits from this change because it uses jackson-core to parse JSON inputs. As a workaround, users should avoid parsing input files from untrusted sources.", "A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur." ], "affected_release" : [ { "product_name" : "OCP-Tools-4.12-RHEL-8", "release_date" : "2025-07-01T00:00:00Z", "advisory" : "RHSA-2025:10118", "cpe" : "cpe:/a:redhat:ocp_tools:4.12::el8", "package" : "jenkins-0:2.504.2.1750932984-3.el8" }, { "product_name" : "OCP-Tools-4.12-RHEL-8", "release_date" : "2025-07-01T00:00:00Z", "advisory" : "RHSA-2025:10118", "cpe" : "cpe:/a:redhat:ocp_tools:4.12::el8", "package" : "jenkins-2-plugins-0:4.12.1750933270-1.el8" }, { "product_name" : "OCP-Tools-4.13-RHEL-8", "release_date" : "2025-07-01T00:00:00Z", "advisory" : "RHSA-2025:10119", "cpe" : "cpe:/a:redhat:ocp_tools:4.13::el8", "package" : "jenkins-0:2.504.2.1750916374-3.el8" }, { "product_name" : "OCP-Tools-4.13-RHEL-8", "release_date" : "2025-07-01T00:00:00Z", "advisory" : "RHSA-2025:10119", "cpe" : "cpe:/a:redhat:ocp_tools:4.13::el8", "package" : "jenkins-2-plugins-0:4.13.1750916671-1.el8" }, { "product_name" : "OCP-Tools-4.14-RHEL-8", "release_date" : "2025-07-01T00:00:00Z", "advisory" : "RHSA-2025:10120", "cpe" : "cpe:/a:redhat:ocp_tools:4.14::el8", "package" : "jenkins-0:2.504.2.1750903189-3.el8" }, { "product_name" : "OCP-Tools-4.14-RHEL-8", "release_date" : "2025-07-01T00:00:00Z", "advisory" : "RHSA-2025:10120", "cpe" : "cpe:/a:redhat:ocp_tools:4.14::el8", "package" : "jenkins-2-plugins-0:4.14.1750903529-1.el8" }, { "product_name" : "OCP-Tools-4.15-RHEL-8", "release_date" : "2025-07-01T00:00:00Z", "advisory" : "RHSA-2025:10104", "cpe" : "cpe:/a:redhat:ocp_tools:4.15::el8", "package" : "jenkins-0:2.504.2.1750856366-3.el8" }, { "product_name" : "OCP-Tools-4.15-RHEL-8", "release_date" : "2025-07-01T00:00:00Z", "advisory" : "RHSA-2025:10104", "cpe" : "cpe:/a:redhat:ocp_tools:4.15::el8", "package" : "jenkins-2-plugins-0:4.15.1750856638-1.el8" }, { "product_name" : "OCP-Tools-4.16-RHEL-9", "release_date" : "2025-07-01T00:00:00Z", "advisory" : "RHSA-2025:10098", "cpe" : "cpe:/a:redhat:ocp_tools:4.16::el9", "package" : "jenkins-0:2.504.2.1750857144-3.el9" }, { "product_name" : "OCP-Tools-4.16-RHEL-9", "release_date" : "2025-07-01T00:00:00Z", "advisory" : "RHSA-2025:10098", "cpe" : "cpe:/a:redhat:ocp_tools:4.16::el9", "package" : "jenkins-2-plugins-0:4.16.1750857315-1.el9" }, { "product_name" : "OCP-Tools-4.17-RHEL-9", "release_date" : "2025-07-01T00:00:00Z", "advisory" : "RHSA-2025:10097", "cpe" : "cpe:/a:redhat:ocp_tools:4.17::el9", "package" : "jenkins-0:2.504.2.1750851690-3.el9" }, { "product_name" : "OCP-Tools-4.17-RHEL-9", "release_date" : "2025-07-01T00:00:00Z", "advisory" : "RHSA-2025:10097", "cpe" : "cpe:/a:redhat:ocp_tools:4.17::el9", "package" : "jenkins-2-plugins-0:4.17.1750851950-1.el9" }, { "product_name" : "OCP-Tools-4.18-RHEL-9", "release_date" : "2025-07-01T00:00:00Z", "advisory" : "RHSA-2025:10092", "cpe" : "cpe:/a:redhat:ocp_tools:4.18::el9", "package" : "jenkins-0:2.504.2.1750846524-3.el9" }, { "product_name" : "OCP-Tools-4.18-RHEL-9", "release_date" : "2025-07-01T00:00:00Z", "advisory" : "RHSA-2025:10092", "cpe" : "cpe:/a:redhat:ocp_tools:4.18::el9", "package" : "jenkins-2-plugins-0:4.18.1750846854-1.el9" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2025-08-20T00:00:00Z", "advisory" : "RHSA-2025:14126", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "pki-deps:10.6-8100020250731151637.489197e6" }, { "product_name" : "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date" : "2025-08-20T00:00:00Z", "advisory" : "RHSA-2025:14127", "cpe" : "cpe:/a:redhat:rhel_aus:8.2", "package" : "pki-deps:10.6-8020020250815231424.4cda2c84" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date" : "2025-08-20T00:00:00Z", "advisory" : "RHSA-2025:14116", "cpe" : "cpe:/a:redhat:rhel_aus:8.4", "package" : "pki-deps:10.6-8040020250815231101.522a0ee4" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On", "release_date" : "2025-08-20T00:00:00Z", "advisory" : "RHSA-2025:14116", "cpe" : "cpe:/a:redhat:rhel_eus_long_life:8.4", "package" : "pki-deps:10.6-8040020250815231101.522a0ee4" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date" : "2025-08-20T00:00:00Z", "advisory" : "RHSA-2025:14118", "cpe" : "cpe:/a:redhat:rhel_aus:8.6", "package" : "pki-deps:10.6-8060020250815230318.ad008a3a" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date" : "2025-08-20T00:00:00Z", "advisory" : "RHSA-2025:14118", "cpe" : "cpe:/a:redhat:rhel_tus:8.6", "package" : "pki-deps:10.6-8060020250815230318.ad008a3a" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date" : "2025-08-20T00:00:00Z", "advisory" : "RHSA-2025:14118", "cpe" : "cpe:/a:redhat:rhel_e4s:8.6", "package" : "pki-deps:10.6-8060020250815230318.ad008a3a" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "release_date" : "2025-08-20T00:00:00Z", "advisory" : "RHSA-2025:14117", "cpe" : "cpe:/a:redhat:rhel_tus:8.8", "package" : "pki-deps:10.6-8080020250815110412.63b34585" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "release_date" : "2025-08-20T00:00:00Z", "advisory" : "RHSA-2025:14117", "cpe" : "cpe:/a:redhat:rhel_e4s:8.8", "package" : "pki-deps:10.6-8080020250815110412.63b34585" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2025-07-30T00:00:00Z", "advisory" : "RHSA-2025:12280", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "jackson-annotations-0:2.19.1-1.el9_6" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2025-07-30T00:00:00Z", "advisory" : "RHSA-2025:12280", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "jackson-core-0:2.19.1-1.el9_6" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2025-07-30T00:00:00Z", "advisory" : "RHSA-2025:12280", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "jackson-databind-0:2.19.1-1.el9_6" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2025-07-30T00:00:00Z", "advisory" : "RHSA-2025:12280", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "jackson-jaxrs-providers-0:2.19.1-1.el9_6" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2025-07-30T00:00:00Z", "advisory" : "RHSA-2025:12280", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "jackson-modules-base-0:2.19.1-1.el9_6" }, { "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date" : "2025-07-30T00:00:00Z", "advisory" : "RHSA-2025:12283", "cpe" : "cpe:/a:redhat:rhel_e4s:9.0", "package" : "jackson-annotations-0:2.19.1-1.el9_0" }, { "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date" : "2025-07-30T00:00:00Z", "advisory" : "RHSA-2025:12283", "cpe" : "cpe:/a:redhat:rhel_e4s:9.0", "package" : "jackson-core-0:2.19.1-1.el9_0" }, { "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date" : "2025-07-30T00:00:00Z", "advisory" : "RHSA-2025:12283", "cpe" : "cpe:/a:redhat:rhel_e4s:9.0", "package" : "jackson-databind-0:2.19.1-1.el9_0" }, { "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date" : "2025-07-30T00:00:00Z", "advisory" : "RHSA-2025:12283", "cpe" : "cpe:/a:redhat:rhel_e4s:9.0", "package" : "jackson-jaxrs-providers-0:2.19.1-1.el9_0" }, { "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date" : "2025-07-30T00:00:00Z", "advisory" : "RHSA-2025:12283", "cpe" : "cpe:/a:redhat:rhel_e4s:9.0", "package" : "jackson-modules-base-0:2.19.1-1.el9_0" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "release_date" : "2025-07-30T00:00:00Z", "advisory" : "RHSA-2025:12282", "cpe" : "cpe:/a:redhat:rhel_e4s:9.2", "package" : "jackson-annotations-0:2.19.1-1.el9_2" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "release_date" : "2025-07-30T00:00:00Z", "advisory" : "RHSA-2025:12282", "cpe" : "cpe:/a:redhat:rhel_e4s:9.2", "package" : "jackson-core-0:2.19.1-1.el9_2" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "release_date" : "2025-07-30T00:00:00Z", "advisory" : "RHSA-2025:12282", "cpe" : "cpe:/a:redhat:rhel_e4s:9.2", "package" : "jackson-databind-0:2.19.1-1.el9_2" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "release_date" : "2025-07-30T00:00:00Z", "advisory" : "RHSA-2025:12282", "cpe" : "cpe:/a:redhat:rhel_e4s:9.2", "package" : "jackson-jaxrs-providers-0:2.19.1-1.el9_2" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "release_date" : "2025-07-30T00:00:00Z", "advisory" : "RHSA-2025:12282", "cpe" : "cpe:/a:redhat:rhel_e4s:9.2", "package" : "jackson-modules-base-0:2.19.1-1.el9_2" }, { "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date" : "2025-07-30T00:00:00Z", "advisory" : "RHSA-2025:12281", "cpe" : "cpe:/a:redhat:rhel_eus:9.4", "package" : "jackson-annotations-0:2.19.1-1.el9_4" }, { "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date" : "2025-07-30T00:00:00Z", "advisory" : "RHSA-2025:12281", "cpe" : "cpe:/a:redhat:rhel_eus:9.4", "package" : "jackson-core-0:2.19.1-1.el9_4" }, { "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date" : "2025-07-30T00:00:00Z", "advisory" : "RHSA-2025:12281", "cpe" : "cpe:/a:redhat:rhel_eus:9.4", "package" : "jackson-databind-0:2.19.1-1.el9_4" }, { "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date" : "2025-07-30T00:00:00Z", "advisory" : "RHSA-2025:12281", "cpe" : "cpe:/a:redhat:rhel_eus:9.4", "package" : "jackson-jaxrs-providers-0:2.19.1-1.el9_4" }, { "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date" : "2025-07-30T00:00:00Z", "advisory" : "RHSA-2025:12281", "cpe" : "cpe:/a:redhat:rhel_eus:9.4", "package" : "jackson-modules-base-0:2.19.1-1.el9_4" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11474", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4", "package" : "jackson-core" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7", "release_date" : "2025-04-01T00:00:00Z", "advisory" : "RHSA-2025:3467", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4", "package" : "jackson-core" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date" : "2026-01-19T00:00:00Z", "advisory" : "RHSA-2026:0742", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package" : "eap7-jackson-annotations-0:2.8.11-2.redhat_00004.1.ep7.el7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date" : "2026-01-19T00:00:00Z", "advisory" : "RHSA-2026:0742", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package" : "eap7-jackson-core-0:2.8.11-3.redhat_00004.1.ep7.el7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date" : "2026-01-19T00:00:00Z", "advisory" : "RHSA-2026:0742", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package" : "eap7-jackson-jaxrs-providers-0:2.8.11-3.redhat_00004.1.ep7.el7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date" : "2026-01-19T00:00:00Z", "advisory" : "RHSA-2026:0742", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package" : "eap7-jackson-module-jaxb-annotations-0:2.8.11-3.redhat_00004.1.ep7.el7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date" : "2026-01-19T00:00:00Z", "advisory" : "RHSA-2026:0742", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package" : "eap7-jackson-modules-java8-0:2.8.11-2.redhat_00004.1.ep7.el7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date" : "2026-01-19T00:00:00Z", "advisory" : "RHSA-2026:0742", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package" : "eap7-netty-0:4.1.63-3.Final_redhat_00004.1.ep7.el7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date" : "2026-01-19T00:00:00Z", "advisory" : "RHSA-2026:0742", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package" : "eap7-undertow-0:1.4.18-18.SP16_redhat_00001.1.ep7.el7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7", "release_date" : "2026-01-19T00:00:00Z", "advisory" : "RHSA-2026:0742", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", "package" : "eap7-wildfly-0:7.1.13-6.GA_redhat_00002.1.ep7.el7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7", "release_date" : "2026-01-19T00:00:00Z", "advisory" : "RHSA-2026:0743", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7", "package" : "eap7-jackson-annotations-0:2.10.4-4.redhat_00008.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7", "release_date" : "2026-01-19T00:00:00Z", "advisory" : "RHSA-2026:0743", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7", "package" : "eap7-jackson-core-0:2.10.4-4.redhat_00008.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7", "release_date" : "2026-01-19T00:00:00Z", "advisory" : "RHSA-2026:0743", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7", "package" : "eap7-jackson-databind-0:2.10.4-6.redhat_00008.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7", "release_date" : "2026-01-19T00:00:00Z", "advisory" : "RHSA-2026:0743", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7", "package" : "eap7-jackson-jaxrs-providers-0:2.10.4-4.redhat_00008.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7", "release_date" : "2026-01-19T00:00:00Z", "advisory" : "RHSA-2026:0743", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7", "package" : "eap7-jackson-modules-base-0:2.10.4-6.redhat_00008.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7", "release_date" : "2026-01-19T00:00:00Z", "advisory" : "RHSA-2026:0743", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7", "package" : "eap7-jackson-modules-java8-0:2.10.4-3.redhat_00008.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7", "release_date" : "2026-01-19T00:00:00Z", "advisory" : "RHSA-2026:0743", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7", "package" : "eap7-jboss-server-migration-0:1.7.2-20.Final_redhat_00021.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7", "release_date" : "2026-01-19T00:00:00Z", "advisory" : "RHSA-2026:0743", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7", "package" : "eap7-netty-0:4.1.63-6.Final_redhat_00004.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7", "release_date" : "2026-01-19T00:00:00Z", "advisory" : "RHSA-2026:0743", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7", "package" : "eap7-undertow-0:2.0.41-6.SP7_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7", "release_date" : "2026-01-19T00:00:00Z", "advisory" : "RHSA-2026:0743", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7", "package" : "eap7-wildfly-0:7.3.16-3.GA_redhat_00003.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4", "release_date" : "2026-03-18T00:00:00Z", "advisory" : "RHSA-2026:4924", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 7", "release_date" : "2026-03-18T00:00:00Z", "advisory" : "RHSA-2026:4915", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el7", "package" : "eap7-wildfly-0:7.4.24-4.GA_redhat_00002.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 8", "release_date" : "2026-03-18T00:00:00Z", "advisory" : "RHSA-2026:4916", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el8", "package" : "eap7-wildfly-0:7.4.24-4.GA_redhat_00002.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 9", "release_date" : "2026-03-18T00:00:00Z", "advisory" : "RHSA-2026:4917", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el9", "package" : "eap7-wildfly-0:7.4.24-4.GA_redhat_00002.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11473", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-jackson-annotations-0:2.12.7-2.redhat_00004.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11473", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-jackson-core-0:2.12.7-2.SP1_redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11473", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-jackson-databind-0:2.12.7-2.redhat_00004.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11473", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-jackson-jaxrs-providers-0:2.12.7-2.redhat_00004.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11473", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-jackson-modules-base-0:2.12.7-2.redhat_00004.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11473", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-jackson-modules-java8-0:2.12.7-2.redhat_00004.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11473", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-wildfly-0:7.4.23-4.GA_redhat_00003.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2025-04-01T00:00:00Z", "advisory" : "RHSA-2025:3465", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2025-04-01T00:00:00Z", "advisory" : "RHSA-2025:3465", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2025-04-01T00:00:00Z", "advisory" : "RHSA-2025:3465", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11473", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-jackson-annotations-0:2.12.7-2.redhat_00004.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11473", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-jackson-core-0:2.12.7-2.SP1_redhat_00001.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11473", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-jackson-databind-0:2.12.7-2.redhat_00004.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11473", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-jackson-jaxrs-providers-0:2.12.7-2.redhat_00004.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11473", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-jackson-modules-base-0:2.12.7-2.redhat_00004.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11473", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-jackson-modules-java8-0:2.12.7-2.redhat_00004.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11473", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-wildfly-0:7.4.23-4.GA_redhat_00003.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2025-04-01T00:00:00Z", "advisory" : "RHSA-2025:3465", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2025-04-01T00:00:00Z", "advisory" : "RHSA-2025:3465", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2025-04-01T00:00:00Z", "advisory" : "RHSA-2025:3465", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11473", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-jackson-annotations-0:2.12.7-2.redhat_00004.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11473", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-jackson-core-0:2.12.7-2.SP1_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11473", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-jackson-databind-0:2.12.7-2.redhat_00004.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11473", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-jackson-jaxrs-providers-0:2.12.7-2.redhat_00004.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11473", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-jackson-modules-base-0:2.12.7-2.redhat_00004.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11473", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-jackson-modules-java8-0:2.12.7-2.redhat_00004.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2025-07-21T00:00:00Z", "advisory" : "RHSA-2025:11473", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-wildfly-0:7.4.23-4.GA_redhat_00003.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2025-04-01T00:00:00Z", "advisory" : "RHSA-2025:3465", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-netty-0:4.1.119-1.Final_redhat_00004.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2025-04-01T00:00:00Z", "advisory" : "RHSA-2025:3465", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-netty-transport-native-epoll-0:4.1.119-1.Final_redhat_00004.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2025-04-01T00:00:00Z", "advisory" : "RHSA-2025:3465", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-wildfly-0:7.4.21-3.GA_29548_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat Single Sign-On 7.6.12", "release_date" : "2025-09-11T00:00:00Z", "advisory" : "RHSA-2025:15717", "cpe" : "cpe:/a:redhat:red_hat_single_sign_on:7.6", "package" : "jackson-core" }, { "product_name" : "Logging for Red Hat OpenShift 5.8", "release_date" : "2025-10-01T00:00:00Z", "advisory" : "RHSA-2025:17189", "cpe" : "cpe:/a:redhat:logging:5.8::el9", "package" : "openshift-logging/elasticsearch6-rhel9:sha256:128a6711150854305d7042e827d191cb5f136fa9591c2410279d9dc0f2b85a75" }, { "product_name" : "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23", "release_date" : "2025-09-15T00:00:00Z", "advisory" : "RHSA-2025:15847", "cpe" : "cpe:/a:redhat:openshift_devspaces:3.23::el9", "package" : "devspaces/server-rhel9:sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1" } ], "package_state" : [ { "product_name" : "Cryostat 4", "fix_state" : "Not affected", "package_name" : "jackson-core", "cpe" : "cpe:/a:redhat:cryostat:4" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Not affected", "package_name" : "openshift-serverless-1/kn-ekb-dispatcher-rhel8", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Not affected", "package_name" : "openshift-serverless-1/kn-ekb-kafka-controller-rhel8", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Not affected", "package_name" : "openshift-serverless-1/kn-ekb-post-install-rhel8", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Not affected", "package_name" : "openshift-serverless-1/kn-ekb-receiver-rhel8", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Not affected", "package_name" : "openshift-serverless-1/kn-ekb-webhook-kafka-rhel8", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Not affected", "package_name" : "openshift-serverless-1/kn-eventing-integrations-aws-ddb-streams-source-rhel8", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Not affected", "package_name" : "openshift-serverless-1/kn-eventing-integrations-aws-s3-sink-rhel8", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Not affected", "package_name" : "openshift-serverless-1/kn-eventing-integrations-aws-s3-source-rhel8", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Not affected", "package_name" : "openshift-serverless-1/kn-eventing-integrations-aws-sns-sink-rhel8", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Not affected", "package_name" : "openshift-serverless-1/kn-eventing-integrations-aws-sqs-sink-rhel8", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Not affected", "package_name" : "openshift-serverless-1/kn-eventing-integrations-aws-sqs-source-rhel8", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Not affected", "package_name" : "openshift-serverless-1/kn-eventing-integrations-log-sink-rhel8", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Not affected", "package_name" : "openshift-serverless-1/kn-eventing-integrations-timer-source-rhel8", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Not affected", "package_name" : "openshift-serverless-1/kn-eventing-integrations-transform-jsonata-rhel8", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Not affected", "package_name" : "openshift-serverless-1/kn-eventing-istio-controller-rhel8", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "Red Hat AMQ Broker 7", "fix_state" : "Will not fix", "package_name" : "jackson-core", "cpe" : "cpe:/a:redhat:amq_broker:7" }, { "product_name" : "Red Hat AMQ Clients", "fix_state" : "Not affected", "package_name" : "jackson-core", "cpe" : "cpe:/a:redhat:amq_clients:2023" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "jackson-core", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "python3.11-drools-jpy-jar", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "python3x-drools-jpy-jar", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "python-drools-jpy-jar", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat build of Apache Camel 4 for Quarkus 3", "fix_state" : "Not affected", "package_name" : "quarkus-camel-bom", "cpe" : "cpe:/a:redhat:camel_quarkus:3" }, { "product_name" : "Red Hat build of Apache Camel 4 for Quarkus 3", "fix_state" : "Not affected", "package_name" : "quarkus-cxf-bom", "cpe" : "cpe:/a:redhat:camel_quarkus:3" }, { "product_name" : "Red Hat build of Apache Camel for Spring Boot 4", "fix_state" : "Not affected", "package_name" : "jackson-core", "cpe" : "cpe:/a:redhat:camel_spring_boot:4" }, { "product_name" : "Red Hat build of Apache Camel - HawtIO 4", "fix_state" : "Not affected", "package_name" : "jackson-core", "cpe" : "cpe:/a:redhat:apache_camel_hawtio:4" }, { "product_name" : "Red Hat build of Apicurio Registry 2", "fix_state" : "Affected", "package_name" : "jackson-core", "cpe" : "cpe:/a:redhat:service_registry:2" }, { "product_name" : "Red Hat build of Apicurio Registry 3", "fix_state" : "Affected", "package_name" : "jackson-core", "cpe" : "cpe:/a:redhat:apicurio_registry:3" }, { "product_name" : "Red Hat build of Debezium 2", "fix_state" : "Will not fix", "package_name" : "jackson-core", "cpe" : "cpe:/a:redhat:debezium:2" }, { "product_name" : "Red Hat build of Debezium 3", "fix_state" : "Will not fix", "package_name" : "jackson-core", "cpe" : "cpe:/a:redhat:debezium:3" }, { "product_name" : "Red Hat build of OptaPlanner 8", "fix_state" : "Affected", "package_name" : "jackson-core", "cpe" : "cpe:/a:redhat:optaplanner:::el6" }, { "product_name" : "Red Hat build of Quarkus", "fix_state" : "Not affected", "package_name" : "quarkus-bom", "cpe" : "cpe:/a:redhat:quarkus:3" }, { "product_name" : "Red Hat Ceph Storage 6", "fix_state" : "Not affected", "package_name" : "ceph", "cpe" : "cpe:/a:redhat:ceph_storage:6" }, { "product_name" : "Red Hat Ceph Storage 7", "fix_state" : "Not affected", "package_name" : "ceph", "cpe" : "cpe:/a:redhat:ceph_storage:7" }, { "product_name" : "Red Hat Ceph Storage 8", "fix_state" : "Not affected", "package_name" : "ceph", "cpe" : "cpe:/a:redhat:ceph_storage:8" }, { "product_name" : "Red Hat Certificate System 10", "fix_state" : "Not affected", "package_name" : "redhat-pki:10/redhat-pki", "cpe" : "cpe:/a:redhat:certificate_system:10" }, { "product_name" : "Red Hat Data Grid 8", "fix_state" : "Affected", "package_name" : "jackson-core", "cpe" : "cpe:/a:redhat:jboss_data_grid:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "javapackages-tools:201801/modello", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "log4j:2/log4j", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Will not fix", "package_name" : "pki-core:10.6/resteasy", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "log4j", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Will not fix", "package_name" : "resteasy", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Fuse 7", "fix_state" : "Will not fix", "package_name" : "jackson-core", "cpe" : "cpe:/a:redhat:jboss_fuse:7" }, { "product_name" : "Red Hat Integration Camel K 1", "fix_state" : "Will not fix", "package_name" : "jackson-core", "cpe" : "cpe:/a:redhat:integration:1" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8", "fix_state" : "Not affected", "package_name" : "jackson-core", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform Expansion Pack", "fix_state" : "Not affected", "package_name" : "jackson-core", "cpe" : "cpe:/a:redhat:jbosseapxp" }, { "product_name" : "Red Hat Offline Knowledge Portal", "fix_state" : "Not affected", "package_name" : "offline-knowledge-portal/rhokp-rhel9", "cpe" : "cpe:/a:redhat:offline_knowledge_portal:1" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-dashboard-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-modelmesh-rhel8", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-modelmesh-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-trustyai-service-rhel8", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-trustyai-service-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift Dev Spaces", "fix_state" : "Will not fix", "package_name" : "devspaces/server-rhel8", "cpe" : "cpe:/a:redhat:openshift_devspaces:3" }, { "product_name" : "Red Hat Process Automation 7", "fix_state" : "Affected", "package_name" : "jackson-core", "cpe" : "cpe:/a:redhat:jboss_enterprise_bpms_platform:7" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Not affected", "package_name" : "candlepin", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Not affected", "package_name" : "jackson-core", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Not affected", "package_name" : "puppetserver", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Not affected", "package_name" : "satellite-capsule:el8/puppetserver", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Not affected", "package_name" : "satellite:el8/candlepin", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "streams for Apache Kafka", "fix_state" : "Will not fix", "package_name" : "jackson-core", "cpe" : "cpe:/a:redhat:amq_streams:1" }, { "product_name" : "streams for Apache Kafka 2", "fix_state" : "Affected", "package_name" : "jackson-core", "cpe" : "cpe:/a:redhat:amq_streams:2" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-52999\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-52999\nhttps://github.com/FasterXML/jackson-core/pull/943\nhttps://github.com/FasterXML/jackson-core/security/advisories/GHSA-h46c-h94j-95f3" ], "name" : "CVE-2025-52999", "mitigation" : { "value" : "To mitigate this vulnerability, the recommendation is to avoid parsing input files from untrusted sources that may have excessively deep nested data structures; anything with a depth over 1000.", "lang" : "en:us" }, "csaw" : false }