CVE Vulnerabilities

CVE-2023-4503

Improper Initialization

Published: Feb 06, 2024 | Modified: Nov 21, 2024
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
6.8 MODERATE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Ubuntu

An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.

Weakness

The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.

Affected Software

Name Vendor Start Version End Version
Jboss_enterprise_application_platform Redhat - (including) - (including)
Jboss_enterprise_application_platform_expansion_pack Redhat - (including) - (including)
EAP 7.4.14 RedHat eap-galleon *
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8 RedHat eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8 RedHat eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el8eap *
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9 RedHat eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9 RedHat eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el9eap *
Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7 RedHat eap7-undertow-0:2.2.28-1.SP1_redhat_00001.1.el7eap *
Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7 RedHat eap7-wildfly-0:7.4.14-5.GA_redhat_00002.1.el7eap *
Red Hat JBoss Enterprise Application Platform 8 RedHat *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-activemq-artemis-0:2.21.0-4.redhat_00048.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-amazon-ion-java-0:1.0.2-4.redhat_00005.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-angus-0:2.0.2-3.redhat_00002.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-angus-activation-0:2.0.1-2.redhat_00005.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-antlr4-0:4.10.1-1.redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-apache-commons-beanutils-0:1.9.4-12.redhat_00003.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-apache-commons-codec-0:1.15.0-5.redhat_00015.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-apache-commons-io-0:2.11.0-2.redhat_00003.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-apache-cxf-0:4.0.0-2.redhat_00002.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-apache-sshd-0:2.12.1-1.redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-atinject-0:2.0.1-2.redhat_00005.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-caffeine-0:3.1.8-1.redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-elytron-web-0:4.0.1-1.Final_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-fge-btf-0:1.2.0-2.redhat_00017.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-fge-msg-simple-0:1.1.0-2.redhat_00015.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-gson-0:2.8.9-2.redhat_00002.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-guava-failureaccess-0:1.0.1-4.redhat_00012.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-guava-libraries-0:32.1.2-1.jre_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-hal-console-0:3.6.18-1.Final_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-hibernate-0:6.2.18-1.Final_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-hibernate-search-0:6.2.2-1.Final_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-hibernate-validator-0:8.0.1-1.Final_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-httpcomponents-asyncclient-0:4.1.5-2.redhat_00004.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-httpcomponents-client-0:4.5.14-2.redhat_00010.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-httpcomponents-core-0:4.4.16-2.redhat_00008.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-infinispan-0:14.0.24-1.Final_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-ironjacamar-0:3.0.8-1.Final_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jackson-annotations-0:2.15.4-1.redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jackson-core-0:2.15.4-1.redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jackson-databind-0:2.15.4-1.redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jackson-dataformats-binary-0:2.15.4-1.redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jackson-jaxrs-providers-0:2.15.4-1.redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jackson-modules-base-0:2.15.4-1.redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jackson-modules-java8-0:2.15.4-1.redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jakarta-activation-0:2.1.2-2.redhat_00005.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jakarta-annotation-api-0:2.1.1-4.redhat_00003.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jakarta-batch-api-0:2.1.1-3.redhat_00003.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jakarta-interceptor-api-0:2.1.0-4.redhat_00002.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jakarta-jms-api-0:3.1.0-4.redhat_00003.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jakarta-json-0:1.1.6-4.redhat_00003.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jakarta-json-api-0:2.1.2-3.redhat_00003.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jakarta-mail-0:2.1.2-2.redhat_00003.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jakarta-servlet-api-0:6.0.0-4.redhat_00005.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jakarta-transaction-api-0:2.0.1-3.redhat_00004.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jakarta-validation-api-0:3.0.2-2.redhat_00005.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jakarta-ws-rs-api-0:3.1.0-4.redhat_00002.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jakarta-xml-bind-api-0:4.0.0-4.redhat_00009.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jasypt-0:1.9.3-3.redhat_00003.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-java-classmate-0:1.5.1-2.redhat_00003.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-javaee-jpa-spec-0:3.1.0-3.redhat_00002.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jaxb-0:4.0.2-4.redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jberet-0:2.1.4-1.Final_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jboss-ejb-client-0:5.0.6-1.Final_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jboss-modules-0:2.1.4-2.Final_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jgroups-0:5.2.23-1.Final_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jgroups-kubernetes-0:2.0.2-1.Final_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-joda-time-0:2.12.5-1.redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-jose4j-0:0.9.3-2.redhat_00004.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-log4j2-jboss-logmanager-0:1.1.2-1.Final_redhat_00002.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-lucene-solr-0:8.11.3-1.redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-narayana-0:6.0.2-1.Final_redhat_00002.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-netty-0:4.1.100-2.Final_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-netty-transport-native-epoll-0:4.1.100-5.Final_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-protostream-0:4.6.5-4.Final_redhat_00006.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-reactive-streams-0:1.0.4-2.redhat_00003.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-resteasy-0:6.2.7-1.Final_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-slf4j-0:2.0.7-3.redhat_00003.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-snakeyaml-0:2.0.0-2.redhat_00012.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-stax2-api-0:4.2.1-2.redhat_00008.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-sun-istack-commons-0:4.1.2-1.redhat_00003.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-velocity-0:2.3.0-2.redhat_00008.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-wildfly-0:8.0.2-2.GA_redhat_00009.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-wildfly-elytron-0:2.2.4-2.SP01_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-wildfly-http-client-0:2.0.7-1.Final_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-wildfly-transaction-client-0:3.0.5-1.Final_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-woodstox-core-0:6.4.0-2.redhat_00002.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-ws-commons-XmlSchema-0:2.3.0-2.redhat_00002.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-wsdl4j-0:1.6.3-4.redhat_00007.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-wss4j-0:3.0.1-2.redhat_00014.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 RedHat eap8-yasson-0:3.0.3-2.redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-activemq-artemis-0:2.21.0-4.redhat_00048.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-amazon-ion-java-0:1.0.2-4.redhat_00005.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-angus-0:2.0.2-3.redhat_00002.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-angus-activation-0:2.0.1-2.redhat_00005.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-antlr4-0:4.10.1-1.redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-apache-commons-beanutils-0:1.9.4-12.redhat_00003.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-apache-commons-codec-0:1.15.0-5.redhat_00015.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-apache-commons-io-0:2.11.0-2.redhat_00003.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-apache-cxf-0:4.0.0-2.redhat_00002.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-apache-sshd-0:2.12.1-1.redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-atinject-0:2.0.1-2.redhat_00005.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-caffeine-0:3.1.8-1.redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-elytron-web-0:4.0.1-1.Final_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-fge-btf-0:1.2.0-2.redhat_00017.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-fge-msg-simple-0:1.1.0-2.redhat_00015.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-gson-0:2.8.9-2.redhat_00002.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-guava-failureaccess-0:1.0.1-4.redhat_00012.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-guava-libraries-0:32.1.2-1.jre_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-hal-console-0:3.6.18-1.Final_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-hibernate-0:6.2.18-1.Final_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-hibernate-search-0:6.2.2-1.Final_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-hibernate-validator-0:8.0.1-1.Final_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-httpcomponents-asyncclient-0:4.1.5-2.redhat_00004.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-httpcomponents-client-0:4.5.14-2.redhat_00010.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-httpcomponents-core-0:4.4.16-2.redhat_00008.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-infinispan-0:14.0.24-1.Final_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-ironjacamar-0:3.0.8-1.Final_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jackson-annotations-0:2.15.4-1.redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jackson-core-0:2.15.4-1.redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jackson-databind-0:2.15.4-1.redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jackson-dataformats-binary-0:2.15.4-1.redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jackson-jaxrs-providers-0:2.15.4-1.redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jackson-modules-base-0:2.15.4-1.redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jackson-modules-java8-0:2.15.4-1.redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jakarta-activation-0:2.1.2-2.redhat_00005.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jakarta-annotation-api-0:2.1.1-4.redhat_00003.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jakarta-batch-api-0:2.1.1-3.redhat_00003.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jakarta-interceptor-api-0:2.1.0-4.redhat_00002.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jakarta-jms-api-0:3.1.0-4.redhat_00003.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jakarta-json-0:1.1.6-4.redhat_00003.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jakarta-json-api-0:2.1.2-3.redhat_00003.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jakarta-mail-0:2.1.2-2.redhat_00003.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jakarta-servlet-api-0:6.0.0-4.redhat_00005.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jakarta-transaction-api-0:2.0.1-3.redhat_00004.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jakarta-validation-api-0:3.0.2-2.redhat_00005.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jakarta-ws-rs-api-0:3.1.0-4.redhat_00002.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jakarta-xml-bind-api-0:4.0.0-4.redhat_00009.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jasypt-0:1.9.3-3.redhat_00003.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-java-classmate-0:1.5.1-2.redhat_00003.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-javaee-jpa-spec-0:3.1.0-3.redhat_00002.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jaxb-0:4.0.2-4.redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jberet-0:2.1.4-1.Final_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jboss-ejb-client-0:5.0.6-1.Final_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jboss-modules-0:2.1.4-2.Final_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jgroups-0:5.2.23-1.Final_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jgroups-kubernetes-0:2.0.2-1.Final_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-joda-time-0:2.12.5-1.redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-jose4j-0:0.9.3-2.redhat_00004.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-log4j2-jboss-logmanager-0:1.1.2-1.Final_redhat_00002.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-lucene-solr-0:8.11.3-1.redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-narayana-0:6.0.2-1.Final_redhat_00002.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-netty-0:4.1.100-2.Final_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-netty-transport-native-epoll-0:4.1.100-5.Final_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-protostream-0:4.6.5-4.Final_redhat_00006.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-reactive-streams-0:1.0.4-2.redhat_00003.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-resteasy-0:6.2.7-1.Final_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-slf4j-0:2.0.7-3.redhat_00003.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-snakeyaml-0:2.0.0-2.redhat_00012.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-stax2-api-0:4.2.1-2.redhat_00008.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-sun-istack-commons-0:4.1.2-1.redhat_00003.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-velocity-0:2.3.0-2.redhat_00008.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-wildfly-0:8.0.2-2.GA_redhat_00009.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-wildfly-elytron-0:2.2.4-2.SP01_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-wildfly-http-client-0:2.0.7-1.Final_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-wildfly-transaction-client-0:3.0.5-1.Final_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-woodstox-core-0:6.4.0-2.redhat_00002.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-ws-commons-XmlSchema-0:2.3.0-2.redhat_00002.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-wsdl4j-0:1.6.3-4.redhat_00007.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-wss4j-0:3.0.1-2.redhat_00014.1.el9eap *
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 RedHat eap8-yasson-0:3.0.3-2.redhat_00001.1.el9eap *

Potential Mitigations

  • Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • For example, in Java, if the programmer does not explicitly initialize a variable, then the code could produce a compile-time error (if the variable is local) or automatically initialize the variable to the default value for the variable’s type. In Perl, if explicit initialization is not performed, then a default value of undef is assigned, which is interpreted as 0, false, or an equivalent value depending on the context in which the variable is accessed.

References