{"id":"RHSA-2022:4797","summary":"Red Hat Security Advisory: maven:3.6 security update","modified":"2026-03-11T07:28:18.186317Z","published":"2024-10-22T00:28:13Z","upstream":["CVE-2022-29599"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2022:4797"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2066479"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_4797.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-29599"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-29599"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29599"}],"affected":[{"package":{"name":"aopalliance","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/aopalliance"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0-20.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"apache-commons-cli","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/apache-commons-cli"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.4-7.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"apache-commons-codec","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/apache-commons-codec"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.13-3.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"apache-commons-io","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/apache-commons-io"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.6-6.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"apache-commons-lang3","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/apache-commons-lang3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.9-4.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"atinject","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/atinject"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1-31.20100611svn86.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"cdi-api","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/cdi-api"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.0.1-3.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"geronimo-annotation","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/geronimo-annotation"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0-26.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"google-guice","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/google-guice"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.2.2-4.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"guava","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/guava"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:28.1-3.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"httpcomponents-client","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/httpcomponents-client"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.10-3.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"httpcomponents-core","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/httpcomponents-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.12-3.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"jansi","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/jansi"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.18-4.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"jcl-over-slf4j","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/jcl-over-slf4j"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7.28-3.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"jsoup","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/jsoup"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.12.1-3.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"jsr-305","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/jsr-305"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0-0.25.20130910svn.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/maven"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.6.2-4.module+el8.2.0+5560+b953ed0b"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven-lib","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/maven-lib"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.6.2-4.module+el8.2.0+5560+b953ed0b"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven-openjdk11","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/maven-openjdk11"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.6.2-4.module+el8.2.0+5560+b953ed0b"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven-openjdk8","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/maven-openjdk8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.6.2-4.module+el8.2.0+5560+b953ed0b"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven-resolver","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/maven-resolver"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.4.1-3.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven-shared-utils","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/maven-shared-utils"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.2.1-0.5.module+el8.2.0+15047+acf0c170"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven-wagon","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/maven-wagon"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.3.4-2.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"plexus-cipher","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/plexus-cipher"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7-17.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"plexus-classworlds","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/plexus-classworlds"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.6.0-4.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"plexus-containers","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/plexus-containers"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.0-2.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"plexus-containers-component-annotations","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/plexus-containers-component-annotations"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.0-2.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"plexus-interpolation","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/plexus-interpolation"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.26-3.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"plexus-sec-dispatcher","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/plexus-sec-dispatcher"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.4-29.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"plexus-utils","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/plexus-utils"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.3.0-3.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"sisu","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/sisu"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.3.4-2.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"slf4j","ecosystem":"Red Hat:rhel_eus:8.2::appstream","purl":"pkg:rpm/redhat/slf4j"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7.28-3.module+el8.2.0+5557+11a14461"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"aopalliance","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/aopalliance"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0-20.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"apache-commons-cli","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/apache-commons-cli"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.4-7.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"apache-commons-codec","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/apache-commons-codec"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.13-3.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"apache-commons-io","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/apache-commons-io"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.6-6.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"apache-commons-lang3","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/apache-commons-lang3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.9-4.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"atinject","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/atinject"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1-31.20100611svn86.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"cdi-api","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/cdi-api"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.0.1-3.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"geronimo-annotation","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/geronimo-annotation"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0-26.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"google-guice","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/google-guice"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.2.2-4.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"guava","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/guava"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:28.1-3.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"httpcomponents-client","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/httpcomponents-client"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.10-3.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"httpcomponents-core","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/httpcomponents-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.12-3.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"jansi","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/jansi"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.18-4.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"jcl-over-slf4j","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/jcl-over-slf4j"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7.28-3.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"jsoup","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/jsoup"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.12.1-3.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"jsr-305","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/jsr-305"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0-0.25.20130910svn.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/maven"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.6.2-6.module+el8.4.0+9250+1786af37"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven-lib","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/maven-lib"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.6.2-6.module+el8.4.0+9250+1786af37"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven-openjdk11","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/maven-openjdk11"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.6.2-6.module+el8.4.0+9250+1786af37"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven-openjdk8","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/maven-openjdk8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.6.2-6.module+el8.4.0+9250+1786af37"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven-resolver","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/maven-resolver"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.4.1-3.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven-shared-utils","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/maven-shared-utils"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.2.1-0.5.module+el8.4.0+15048+bdaf849b"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven-wagon","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/maven-wagon"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.3.4-2.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"plexus-cipher","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/plexus-cipher"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7-17.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"plexus-classworlds","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/plexus-classworlds"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.6.0-4.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"plexus-containers","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/plexus-containers"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.0-2.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"plexus-containers-component-annotations","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/plexus-containers-component-annotations"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.0-2.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"plexus-interpolation","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/plexus-interpolation"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.26-3.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"plexus-sec-dispatcher","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/plexus-sec-dispatcher"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.4-29.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"plexus-utils","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/plexus-utils"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.3.0-3.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"sisu","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/sisu"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.3.4-2.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"slf4j","ecosystem":"Red Hat:rhel_eus:8.4::appstream","purl":"pkg:rpm/redhat/slf4j"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7.28-3.module+el8.3.0+6804+157bd82e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"aopalliance","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/aopalliance"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0-20.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"apache-commons-cli","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/apache-commons-cli"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.4-7.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"apache-commons-codec","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/apache-commons-codec"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.13-3.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"apache-commons-io","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/apache-commons-io"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.6-6.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"apache-commons-lang3","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/apache-commons-lang3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.9-4.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"atinject","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/atinject"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1-31.20100611svn86.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"cdi-api","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/cdi-api"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.0.1-3.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"geronimo-annotation","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/geronimo-annotation"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0-26.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"google-guice","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/google-guice"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.2.2-4.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"guava","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/guava"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:28.1-3.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"httpcomponents-client","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/httpcomponents-client"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.10-4.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"httpcomponents-core","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/httpcomponents-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.12-3.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"jansi","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/jansi"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.18-4.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"jcl-over-slf4j","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/jcl-over-slf4j"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7.28-3.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"jsoup","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/jsoup"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.12.1-3.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"jsr-305","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/jsr-305"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0-0.25.20130910svn.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/maven"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.6.2-7.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven-lib","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/maven-lib"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.6.2-7.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven-openjdk11","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/maven-openjdk11"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.6.2-7.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven-openjdk17","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/maven-openjdk17"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.6.2-7.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven-openjdk8","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/maven-openjdk8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.6.2-7.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven-resolver","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/maven-resolver"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.4.1-3.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven-shared-utils","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/maven-shared-utils"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.2.1-0.5.module+el8.6.0+15049+43453910"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"maven-wagon","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/maven-wagon"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.3.4-2.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"plexus-cipher","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/plexus-cipher"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7-17.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"plexus-classworlds","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/plexus-classworlds"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.6.0-4.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"plexus-containers","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/plexus-containers"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.0-2.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"plexus-containers-component-annotations","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/plexus-containers-component-annotations"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.0-2.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"plexus-interpolation","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/plexus-interpolation"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.26-3.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"plexus-sec-dispatcher","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/plexus-sec-dispatcher"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.4-29.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"plexus-utils","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/plexus-utils"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.3.0-3.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"sisu","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/sisu"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.3.4-2.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}},{"package":{"name":"slf4j","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/slf4j"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7.28-3.module+el8.6.0+13337+afcb49ec"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:4797.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}