{"id":"RHSA-2024:8567","summary":"Red Hat Security Advisory: pki-deps:10.6 security update","modified":"2026-03-18T10:37:38Z","published":"2024-10-30T09:33:35Z","upstream":["CVE-2024-38286"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2024:8567"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2314686"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8567.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-38286"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2024-38286"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38286"},{"type":"ARTICLE","url":"https://lists.apache.org/thread/wms60cvbsz3fpbz9psxtfx8r41jl6d4s"}],"affected":[{"package":{"name":"apache-commons-collections","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/apache-commons-collections"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.2.2-10.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"apache-commons-lang","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/apache-commons-lang"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.6-21.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"bea-stax","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/bea-stax"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.0-16.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"bea-stax-api","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/bea-stax-api"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.0-16.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"glassfish-fastinfoset","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/glassfish-fastinfoset"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.13-9.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"glassfish-jaxb","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/glassfish-jaxb"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.11-11.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"glassfish-jaxb-api","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/glassfish-jaxb-api"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.12-8.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"glassfish-jaxb-core","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/glassfish-jaxb-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.11-11.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"glassfish-jaxb-runtime","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/glassfish-jaxb-runtime"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.11-11.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"glassfish-jaxb-txw2","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/glassfish-jaxb-txw2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.11-11.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"jackson-annotations","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/jackson-annotations"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.0-1.module+el8.2.0+5059+3eb3af25"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"jackson-core","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/jackson-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.0-1.module+el8.2.0+5059+3eb3af25"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"jackson-databind","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/jackson-databind"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.0-1.module+el8.2.0+5059+3eb3af25"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"jackson-jaxrs-json-provider","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/jackson-jaxrs-json-provider"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.9.9-1.module+el8.1.0+3832+9784644d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"jackson-jaxrs-providers","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/jackson-jaxrs-providers"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.9.9-1.module+el8.1.0+3832+9784644d"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"jackson-module-jaxb-annotations","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/jackson-module-jaxb-annotations"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.7.6-4.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"jakarta-commons-httpclient","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/jakarta-commons-httpclient"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.1-28.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"javassist","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/javassist"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.18.1-8.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"javassist-javadoc","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/javassist-javadoc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.18.1-8.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"pki-servlet-4.0-api","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/pki-servlet-4.0-api"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:9.0.7-16.module+el8.2.0+22384+93cade87.1"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"pki-servlet-engine","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/pki-servlet-engine"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:9.0.7-16.module+el8.2.0+22384+93cade87.1"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"python-nss","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/python-nss"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.1-10.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"python-nss-debugsource","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/python-nss-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.1-10.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"python-nss-doc","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/python-nss-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.1-10.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"python3-nss","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/python3-nss"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.1-10.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"python3-nss-debuginfo","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/python3-nss-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.1-10.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"relaxngDatatype","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/relaxngDatatype"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2011.1-7.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"resteasy","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/resteasy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.0.26-3.module+el8.2.0+5723+4574fbff"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"slf4j","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/slf4j"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7.25-4.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"slf4j-jdk14","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/slf4j-jdk14"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7.25-4.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"stax-ex","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/stax-ex"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7.7-8.module+el8.2.0+5723+4574fbff"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"velocity","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/velocity"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.7-24.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"xalan-j2","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/xalan-j2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.7.1-38.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"xerces-j2","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/xerces-j2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.11.0-34.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"xml-commons-apis","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/xml-commons-apis"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.4.01-25.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"xml-commons-resolver","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/xml-commons-resolver"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2-26.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"xmlstreambuffer","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/xmlstreambuffer"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.5.4-8.module+el8.2.0+5723+4574fbff"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}},{"package":{"name":"xsom","ecosystem":"Red Hat:rhel_aus:8.2::appstream","purl":"pkg:rpm/redhat/xsom"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:8567.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}