Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-2141 (GCVE-0-2016-2141)
Vulnerability from cvelistv5 – Published: 2016-06-30 00:00 – Updated: 2024-08-05 23:17
VLAI
EPSS
Summary
It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
25 references
Date Public
2016-06-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:17:50.610Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2016:1347",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1347"
},
{
"name": "RHSA-2016:2035",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2035.html"
},
{
"name": "RHSA-2016:1389",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1389"
},
{
"name": "RHSA-2016:1345",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1345"
},
{
"name": "RHSA-2016:1376",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1376"
},
{
"name": "RHSA-2016:1330",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2016-1330.html"
},
{
"name": "RHSA-2016:1439",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1439.html"
},
{
"name": "RHSA-2016:1331",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2016-1331.html"
},
{
"name": "91481",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91481"
},
{
"name": "RHSA-2016:1434",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1434"
},
{
"name": "RHSA-2016:1328",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2016-1328.html"
},
{
"name": "RHSA-2016:1433",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1433"
},
{
"tags": [
"x_transferred"
],
"url": "https://issues.jboss.org/browse/JGRP-2021"
},
{
"name": "RHSA-2016:1374",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1374"
},
{
"name": "RHSA-2016:1432",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1432"
},
{
"name": "RHSA-2016:1346",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1346"
},
{
"name": "RHSA-2016:1334",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2016-1334.html"
},
{
"name": "RHSA-2016:1333",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2016-1333.html"
},
{
"name": "RHSA-2016:1329",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2016-1329.html"
},
{
"name": "RHSA-2016:1332",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2016-1332.html"
},
{
"name": "RHSA-2016:1435",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1435.html"
},
{
"name": "1036165",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036165"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "[geode-dev] 20200407 JGroups vulnerabilty",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ra18cac97416abc2958db0b107877c31da28d884fa6e70fd89c87384a%40%3Cdev.geode.apache.org%3E"
},
{
"name": "[geode-dev] 20200407 Re: JGroups vulnerabilty",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rb37cc937d4fc026fb56de4b4ec0d054aa4083c1a4edd0d8360c068a0%40%3Cdev.geode.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-26T00:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2016:1347",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1347"
},
{
"name": "RHSA-2016:2035",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2035.html"
},
{
"name": "RHSA-2016:1389",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1389"
},
{
"name": "RHSA-2016:1345",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1345"
},
{
"name": "RHSA-2016:1376",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1376"
},
{
"name": "RHSA-2016:1330",
"tags": [
"vendor-advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2016-1330.html"
},
{
"name": "RHSA-2016:1439",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1439.html"
},
{
"name": "RHSA-2016:1331",
"tags": [
"vendor-advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2016-1331.html"
},
{
"name": "91481",
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/91481"
},
{
"name": "RHSA-2016:1434",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1434"
},
{
"name": "RHSA-2016:1328",
"tags": [
"vendor-advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2016-1328.html"
},
{
"name": "RHSA-2016:1433",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1433"
},
{
"url": "https://issues.jboss.org/browse/JGRP-2021"
},
{
"name": "RHSA-2016:1374",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1374"
},
{
"name": "RHSA-2016:1432",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1432"
},
{
"name": "RHSA-2016:1346",
"tags": [
"vendor-advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1346"
},
{
"name": "RHSA-2016:1334",
"tags": [
"vendor-advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2016-1334.html"
},
{
"name": "RHSA-2016:1333",
"tags": [
"vendor-advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2016-1333.html"
},
{
"name": "RHSA-2016:1329",
"tags": [
"vendor-advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2016-1329.html"
},
{
"name": "RHSA-2016:1332",
"tags": [
"vendor-advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2016-1332.html"
},
{
"name": "RHSA-2016:1435",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1435.html"
},
{
"name": "1036165",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1036165"
},
{
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "[geode-dev] 20200407 JGroups vulnerabilty",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/ra18cac97416abc2958db0b107877c31da28d884fa6e70fd89c87384a%40%3Cdev.geode.apache.org%3E"
},
{
"name": "[geode-dev] 20200407 Re: JGroups vulnerabilty",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/rb37cc937d4fc026fb56de4b4ec0d054aa4083c1a4edd0d8360c068a0%40%3Cdev.geode.apache.org%3E"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-2141",
"datePublished": "2016-06-30T00:00:00.000Z",
"dateReserved": "2016-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-05T23:17:50.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2016-2141",
"date": "2026-05-27",
"epss": "0.02326",
"percentile": "0.85035"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jgroups:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.0\", \"matchCriteriaId\": \"EEEE3873-17F7-4E5D-9C19-1C1BE698A17E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"93F14D0A-4350-4141-B4C4-FBEBAAA4828D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2E0AFF9-F664-4D46-AEF4-07C725CC5448\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88BF3B2C-B121-483A-AEF2-8082F6DA5310\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D8B549B-E57B-4DFE-8A13-CAB06B5356B3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.\"}, {\"lang\": \"es\", \"value\": \"JGroups en versiones anteriores a 4.0 no solicita las cabeceras adecuadas para los protocolos ENCRYPT y AUTH desde los nodos uni\\u00e9ndose al grupo, lo que permite a atacantes remotos eludir las restricciones de seguridad y enviar y recibir mensajes dentro del grupo a trav\\u00e9s de vectores no especificados.\"}]",
"id": "CVE-2016-2141",
"lastModified": "2024-11-21T02:47:53.683",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2016-06-30T16:59:00.117",
"references": "[{\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-1435.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-1439.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2035.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/91481\", \"source\": \"secalert@redhat.com\", \"tags\": [\"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1036165\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1345\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1346\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1347\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1374\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1376\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1389\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1432\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1433\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1434\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://issues.jboss.org/browse/JGRP-2021\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/ra18cac97416abc2958db0b107877c31da28d884fa6e70fd89c87384a%40%3Cdev.geode.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/rb37cc937d4fc026fb56de4b4ec0d054aa4083c1a4edd0d8360c068a0%40%3Cdev.geode.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://rhn.redhat.com/errata/RHSA-2016-1328.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://rhn.redhat.com/errata/RHSA-2016-1329.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"https://rhn.redhat.com/errata/RHSA-2016-1330.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://rhn.redhat.com/errata/RHSA-2016-1331.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"https://rhn.redhat.com/errata/RHSA-2016-1332.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://rhn.redhat.com/errata/RHSA-2016-1333.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"https://rhn.redhat.com/errata/RHSA-2016-1334.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-1435.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-1439.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2035.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/91481\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1036165\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1345\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1346\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1347\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1374\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1376\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1389\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1432\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1433\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1434\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://issues.jboss.org/browse/JGRP-2021\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/ra18cac97416abc2958db0b107877c31da28d884fa6e70fd89c87384a%40%3Cdev.geode.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rb37cc937d4fc026fb56de4b4ec0d054aa4083c1a4edd0d8360c068a0%40%3Cdev.geode.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://rhn.redhat.com/errata/RHSA-2016-1328.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://rhn.redhat.com/errata/RHSA-2016-1329.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"https://rhn.redhat.com/errata/RHSA-2016-1330.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://rhn.redhat.com/errata/RHSA-2016-1331.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"https://rhn.redhat.com/errata/RHSA-2016-1332.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://rhn.redhat.com/errata/RHSA-2016-1333.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"https://rhn.redhat.com/errata/RHSA-2016-1334.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2016-2141\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2016-06-30T16:59:00.117\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.\"},{\"lang\":\"es\",\"value\":\"JGroups en versiones anteriores a 4.0 no solicita las cabeceras adecuadas para los protocolos ENCRYPT y AUTH desde los nodos uni\u00e9ndose al grupo, lo que permite a atacantes remotos eludir las restricciones de seguridad y enviar y recibir mensajes dentro del grupo a trav\u00e9s de vectores no especificados.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jgroups:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.0\",\"matchCriteriaId\":\"EEEE3873-17F7-4E5D-9C19-1C1BE698A17E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93F14D0A-4350-4141-B4C4-FBEBAAA4828D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2E0AFF9-F664-4D46-AEF4-07C725CC5448\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88BF3B2C-B121-483A-AEF2-8082F6DA5310\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D8B549B-E57B-4DFE-8A13-CAB06B5356B3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}]}]}],\"references\":[{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-1435.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-1439.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2035.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/91481\",\"source\":\"secalert@redhat.com\",\"tags\":[\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1036165\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1345\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1346\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1347\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1374\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1376\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1389\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1432\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1433\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1434\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://issues.jboss.org/browse/JGRP-2021\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/ra18cac97416abc2958db0b107877c31da28d884fa6e70fd89c87384a%40%3Cdev.geode.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rb37cc937d4fc026fb56de4b4ec0d054aa4083c1a4edd0d8360c068a0%40%3Cdev.geode.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2016-1328.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2016-1329.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2016-1330.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2016-1331.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2016-1332.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2016-1333.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2016-1334.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-1435.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-1439.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2035.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/91481\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1036165\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1345\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1346\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1347\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1374\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1376\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1389\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1432\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1433\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1434\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://issues.jboss.org/browse/JGRP-2021\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/ra18cac97416abc2958db0b107877c31da28d884fa6e70fd89c87384a%40%3Cdev.geode.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rb37cc937d4fc026fb56de4b4ec0d054aa4083c1a4edd0d8360c068a0%40%3Cdev.geode.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2016-1328.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2016-1329.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2016-1330.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2016-1331.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2016-1332.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2016-1333.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2016-1334.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
RHSA-2016_1434
Vulnerability from csaf_redhat - Published: 2016-07-18 19:39 - Updated: 2024-12-15 18:44Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform update
Severity
Critical
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.
This release of Red Hat JBoss Enterprise Application Platform 6.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.8, and includes bug fixes and enhancements, which are documented in the Release Notes documented linked to in the References.
Security Fix(es):
* It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks. (CVE-2016-2141)
More information about this vulnerability is available at: https://access.redhat.com/articles/2360521
* A directory traversal flaw was found in Tomcat's and JBoss Web's RequestUtil.java. A remote, authenticated user could use this flaw to bypass intended SecurityManager restrictions and list a parent directory via a '/..' in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call, as demonstrated by the $CATALINA_BASE/webapps directory. (CVE-2015-5174)
The CVE-2016-2141 issue was discovered by Dennis Reed (Red Hat).
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A directory traversal flaw was found in Tomcat's RequestUtil.java. A remote, authenticated user could use this flaw to bypass intended SecurityManager restrictions and list a parent directory via a '/..' in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call.
4.3 (Medium)
Affected products
Fixed
148 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-6.4:apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-6.4:xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.
9.8 (Critical)
Affected products
Fixed
148 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-6.4:apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-6.4:xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Critical
References
20 references
Acknowledgments
Red Hat
Dennis Reed
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.8, and includes bug fixes and enhancements, which are documented in the Release Notes documented linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks. (CVE-2016-2141)\n\nMore information about this vulnerability is available at: https://access.redhat.com/articles/2360521\n\n* A directory traversal flaw was found in Tomcat\u0027s and JBoss Web\u0027s RequestUtil.java. A remote, authenticated user could use this flaw to bypass intended SecurityManager restrictions and list a parent directory via a \u0027/..\u0027 in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call, as demonstrated by the $CATALINA_BASE/webapps directory. (CVE-2015-5174)\n\nThe CVE-2016-2141 issue was discovered by Dennis Reed (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2016:1434",
"url": "https://access.redhat.com/errata/RHSA-2016:1434"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/?version=6.4",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/?version=6.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/2360521",
"url": "https://access.redhat.com/articles/2360521"
},
{
"category": "external",
"summary": "1265698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1265698"
},
{
"category": "external",
"summary": "1313589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1313589"
},
{
"category": "external",
"summary": "1343604",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343604"
},
{
"category": "external",
"summary": "1343607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343607"
},
{
"category": "external",
"summary": "1343612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343612"
},
{
"category": "external",
"summary": "1343622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343622"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_1434.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform update",
"tracking": {
"current_release_date": "2024-12-15T18:44:27+00:00",
"generator": {
"date": "2024-12-15T18:44:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2016:1434",
"initial_release_date": "2016-07-18T19:39:47+00:00",
"revision_history": [
{
"date": "2016-07-18T19:39:47+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2016-07-18T19:39:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-15T18:44:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate4-validator@4.3.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.17.34-1.Final_redhat_1.1.ep6.el7?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-msc@1.1.6-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-jsf-api_2.1_spec@2.1.28-6.SP2_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.noarch",
"product_id": "glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jsf-eap6@2.1.28-11.SP10_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.17-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.noarch",
"product": {
"name": "xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.noarch",
"product_id": "xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xalan-j2-eap6@2.7.1-11.redhat_11.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.noarch",
"product_id": "apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-cxf@2.7.18-2.SP1_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"product_id": "picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-11.SP9_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"product_id": "picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-11.SP9_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.noarch",
"product_id": "hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-13.SP11_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hibernate4-validator@4.3.3-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.17.34-1.Final_redhat_1.1.ep6.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-msc@1.1.6-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.src",
"product_id": "jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-jsf-api_2.1_spec@2.1.28-6.SP2_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.src",
"product": {
"name": "glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.src",
"product_id": "glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jsf-eap6@2.1.28-11.SP10_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.17-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.src",
"product": {
"name": "xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.src",
"product_id": "xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xalan-j2-eap6@2.7.1-11.redhat_11.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.src",
"product": {
"name": "apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.src",
"product_id": "apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-cxf@2.7.18-2.SP1_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"product": {
"name": "picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"product_id": "picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-11.SP9_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"product": {
"name": "picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"product_id": "picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-11.SP9_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.src",
"product": {
"name": "hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.src",
"product_id": "hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-13.SP11_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.9-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.src"
},
"product_reference": "apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.src"
},
"product_reference": "glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.src"
},
"product_reference": "hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src"
},
"product_reference": "picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src"
},
"product_reference": "picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.noarch"
},
"product_reference": "xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.src"
},
"product_reference": "xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-5174",
"discovery_date": "2015-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1265698"
}
],
"notes": [
{
"category": "description",
"text": "A directory traversal flaw was found in Tomcat\u0027s RequestUtil.java. A remote, authenticated user could use this flaw to bypass intended SecurityManager restrictions and list a parent directory via a \u0027/..\u0027 in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: URL Normalization issue",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-5174"
},
{
"category": "external",
"summary": "RHBZ#1265698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1265698"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-5174",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5174"
},
{
"category": "external",
"summary": "http://seclists.org/bugtraq/2016/Feb/149",
"url": "http://seclists.org/bugtraq/2016/Feb/149"
}
],
"release_date": "2016-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T19:39:47+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: URL Normalization issue"
},
{
"acknowledgments": [
{
"names": [
"Dennis Reed"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2016-2141",
"discovery_date": "2015-11-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1313589"
}
],
"notes": [
{
"category": "description",
"text": "It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JGroups: Authorization bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-2141"
},
{
"category": "external",
"summary": "RHBZ#1313589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1313589"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-2141",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2141"
}
],
"release_date": "2016-06-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T19:39:47+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1434"
},
{
"category": "workaround",
"details": "Please refer to https://access.redhat.com/articles/2360521 for more information.",
"product_ids": [
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.src"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JGroups: Authorization bypass"
}
]
}
RHSA-2016_1435
Vulnerability from csaf_redhat - Published: 2016-07-18 19:06 - Updated: 2024-12-15 18:44Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.9 update
Severity
Critical
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform from the Customer Portal.
Red Hat Product Security has rated this update as having a security impact
of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.
This release of Red Hat JBoss Enterprise Application Platform 6.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.8, and includes bug fixes and enhancements. Documentation for these changes will be available shortly from the Red Hat JBoss Enterprise Application Platform 6.4.9 Release Notes, linked to in the References.
Security Fix(es):
* It was found that JGroups did not require necessary headers for encrypt
and auth protocols from new nodes joining the cluster. An attacker could
use this flaw to bypass security restrictions, and use this vulnerability
to send and receive messages within the cluster, leading to information
disclosure, message spoofing, or further possible attacks. (CVE-2016-2141)
More information about this vulnerability is available at: https://access.redhat.com/articles/2360521
* A directory traversal flaw was found in Tomcat's and JBoss Web's
RequestUtil.java. A remote, authenticated user could use this flaw to
bypass intended SecurityManager restrictions and list a parent directory
via a '/..' in a pathname used by a web application in a getResource,
getResourceAsStream, or getResourcePaths call, as demonstrated by the
$CATALINA_BASE/webapps directory. (CVE-2015-5174)
The CVE-2016-2141 issue was discovered by Dennis Reed (Red Hat).
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A directory traversal flaw was found in Tomcat's RequestUtil.java. A remote, authenticated user could use this flaw to bypass intended SecurityManager restrictions and list a parent directory via a '/..' in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call.
4.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 6.4
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:6.4
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 6.4
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:6.4
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Critical
References
17 references
Acknowledgments
Red Hat
Dennis Reed
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact\nof Critical. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.8, and includes bug fixes and enhancements. Documentation for these changes will be available shortly from the Red Hat JBoss Enterprise Application Platform 6.4.9 Release Notes, linked to in the References. \n\nSecurity Fix(es):\n\n* It was found that JGroups did not require necessary headers for encrypt\nand auth protocols from new nodes joining the cluster. An attacker could\nuse this flaw to bypass security restrictions, and use this vulnerability\nto send and receive messages within the cluster, leading to information\ndisclosure, message spoofing, or further possible attacks. (CVE-2016-2141)\n\nMore information about this vulnerability is available at: https://access.redhat.com/articles/2360521\n\n* A directory traversal flaw was found in Tomcat\u0027s and JBoss Web\u0027s\nRequestUtil.java. A remote, authenticated user could use this flaw to\nbypass intended SecurityManager restrictions and list a parent directory\nvia a \u0027/..\u0027 in a pathname used by a web application in a getResource,\ngetResourceAsStream, or getResourcePaths call, as demonstrated by the\n$CATALINA_BASE/webapps directory. (CVE-2015-5174)\n\nThe CVE-2016-2141 issue was discovered by Dennis Reed (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2016:1435",
"url": "https://access.redhat.com/errata/RHSA-2016:1435"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/",
"url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/2360521",
"url": "https://access.redhat.com/articles/2360521"
},
{
"category": "external",
"summary": "1265698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1265698"
},
{
"category": "external",
"summary": "1313589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1313589"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_1435.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.9 update",
"tracking": {
"current_release_date": "2024-12-15T18:44:48+00:00",
"generator": {
"date": "2024-12-15T18:44:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2016:1435",
"initial_release_date": "2016-07-18T19:06:42+00:00",
"revision_history": [
{
"date": "2016-07-18T19:06:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-02-20T12:39:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-15T18:44:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4",
"product_id": "Red Hat JBoss Enterprise Application Platform 6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-5174",
"discovery_date": "2015-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1265698"
}
],
"notes": [
{
"category": "description",
"text": "A directory traversal flaw was found in Tomcat\u0027s RequestUtil.java. A remote, authenticated user could use this flaw to bypass intended SecurityManager restrictions and list a parent directory via a \u0027/..\u0027 in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: URL Normalization issue",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-5174"
},
{
"category": "external",
"summary": "RHBZ#1265698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1265698"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-5174",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5174"
},
{
"category": "external",
"summary": "http://seclists.org/bugtraq/2016/Feb/149",
"url": "http://seclists.org/bugtraq/2016/Feb/149"
}
],
"release_date": "2016-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T19:06:42+00:00",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1435"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: URL Normalization issue"
},
{
"acknowledgments": [
{
"names": [
"Dennis Reed"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2016-2141",
"discovery_date": "2015-11-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1313589"
}
],
"notes": [
{
"category": "description",
"text": "It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JGroups: Authorization bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-2141"
},
{
"category": "external",
"summary": "RHBZ#1313589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1313589"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-2141",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2141"
}
],
"release_date": "2016-06-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-18T19:06:42+00:00",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1435"
},
{
"category": "workaround",
"details": "Please refer to https://access.redhat.com/articles/2360521 for more information.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JGroups: Authorization bypass"
}
]
}
RHSA-2016_1439
Vulnerability from csaf_redhat - Published: 2016-07-19 20:39 - Updated: 2024-11-22 10:01Summary
Red Hat Security Advisory: Red Hat Single Sign-On security update
Severity
Critical
Notes
Topic: A security update is now available for Red Hat Single Sign-On 7.0 from the Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Single Sign-On 7.0 is a standalone server, based on the Keycloak project, that provides authentication and standards-based SSO capabilities for web and mobile applications.
This asynchronous patch is a security update for JGroups package in Red Hat Single Sign-On 7.0. More information about this vulnerability is available at: https://access.redhat.com/articles/2360521
Security Fix(es):
* It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks. (CVE-2016-2141)
The CVE-2016-2141 issue was discovered by Dennis Reed (Red Hat).
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Single Sign-On 7.0
Red Hat / Red Hat Single Sign-On
|
cpe:/a:redhat:jboss_single_sign_on:7.0
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Critical
References
10 references
Acknowledgments
Red Hat
Dennis Reed
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat Single Sign-On 7.0 from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.0 is a standalone server, based on the Keycloak project, that provides authentication and standards-based SSO capabilities for web and mobile applications.\n\nThis asynchronous patch is a security update for JGroups package in Red Hat Single Sign-On 7.0. More information about this vulnerability is available at: https://access.redhat.com/articles/2360521\n\nSecurity Fix(es):\n\n* It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks. (CVE-2016-2141)\n\nThe CVE-2016-2141 issue was discovered by Dennis Reed (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2016:1439",
"url": "https://access.redhat.com/errata/RHSA-2016:1439"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/2360521",
"url": "https://access.redhat.com/articles/2360521"
},
{
"category": "external",
"summary": "1313589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1313589"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_1439.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On security update",
"tracking": {
"current_release_date": "2024-11-22T10:01:16+00:00",
"generator": {
"date": "2024-11-22T10:01:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2016:1439",
"initial_release_date": "2016-07-19T20:39:46+00:00",
"revision_history": [
{
"date": "2016-07-19T20:39:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-02-20T12:39:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T10:01:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.0",
"product": {
"name": "Red Hat Single Sign-On 7.0",
"product_id": "Red Hat Single Sign-On 7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_single_sign_on:7.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Dennis Reed"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2016-2141",
"discovery_date": "2015-11-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1313589"
}
],
"notes": [
{
"category": "description",
"text": "It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JGroups: Authorization bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-2141"
},
{
"category": "external",
"summary": "RHBZ#1313589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1313589"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-2141",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2141"
}
],
"release_date": "2016-06-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-07-19T20:39:46+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting Red Hat Single Sign-On installation.",
"product_ids": [
"Red Hat Single Sign-On 7.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1439"
},
{
"category": "workaround",
"details": "Please refer to https://access.redhat.com/articles/2360521 for more information.",
"product_ids": [
"Red Hat Single Sign-On 7.0"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JGroups: Authorization bypass"
}
]
}
RHSA-2016_2035
Vulnerability from csaf_redhat - Published: 2016-10-06 16:18 - Updated: 2024-11-22 10:24Summary
Red Hat Security Advisory: Red Hat JBoss Fuse 6.3 security update
Severity
Important
Notes
Topic: Red Hat JBoss Fuse 6.3, which fixes multiple security issues and includes several bug fixes and enhancements, is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform.
Red Hat JBoss Fuse 6.3 is a minor product release that updates Red Hat JBoss Fuse 6.2.1, and includes several bug fixes and enhancements. Refer to the Release Notes document, available from the Product Documentation link in the References section, for a list of these changes.
Security Fix(es):
It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks. (CVE-2016-2141)
A deserialization flaw allowing remote code execution was found in the BeanShell library. If BeanShell was on the classpath, it could permit code execution if another part of the application deserialized objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the BeanShell library. (CVE-2016-2510)
It was found that Apache Shiro uses a default cipher key for its "remember me" feature. An attacker could use this to devise a malicious request parameter and gain access to unauthorized content. (CVE-2016-4437)
A denial of service flaw was found in the way Spring processes inline DTD declarations. A remote attacker could submit a specially crafted XML file that would cause out-of-memory errors when parsed. (CVE-2015-3192)
It was found that Apache Camel's camel-xstream component was vulnerable to Java object deserialization. This vulnerability permits deserialization of data which could lead to information disclosure, code execution, or other possible attacks. (CVE-2015-5344)
It was found that Apache Camel's Jetty/Servlet permitted object deserialization. If using camel-jetty or camel-servlet as a consumer in Camel routes, then Camel will automatically deserialize HTTP requests that use the content-header: application/x-java-serialized-object. An attacker could use this vulnerability to gain access to unauthorized information or conduct further attacks. (CVE-2015-5348)
It was found that bouncycastle is vulnerable to an invalid curve attack. An attacker could extract private keys used in elliptic curve cryptography with a few thousand queries. (CVE-2015-7940)
The CVE-2016-2141 issue was discovered by Dennis Reed (Red Hat).
Refer to the Product Documentation link in the References section for installation instructions.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A denial of service flaw was found in the way Spring processes inline DTD declarations. A remote attacker could submit a specially crafted XML file that would cause out-of-memory errors when parsed.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Fuse 6.3
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:6.3
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.
6.0 ()
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Fuse 6.3
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:6.3
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
It was found that Apache Camel's camel-xstream component was vulnerable to Java object deserialization. This vulnerability permits deserialization of data which could lead to information disclosure, code execution, or other possible attacks.
4.2 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Fuse 6.3
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:6.3
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that Apache Camel's Jetty/Servlet usage is vulnerable to Java object de-serialisation vulnerability. If using camel-jetty, or camel-servlet as a consumer in Camel routes, then Camel will automatically de-serialize HTTP requests that uses the content-header: application/x-java-serialized-object.
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Fuse 6.3
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:6.3
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that bouncycastle is vulnerable to an invalid curve attack. An attacker could extract private keys used in elliptic curve cryptography with a few thousand queries.
CWE-358 - Improperly Implemented Security Check for StandardAffected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Fuse 6.3
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:6.3
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Fuse 6.3
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:6.3
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Critical
A deserialization flaw allowing remote code execution was found in the BeanShell library. If BeanShell was on the classpath, it could permit code execution if another part of the application deserialized objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the BeanShell library.
7.4 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Fuse 6.3
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:6.3
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
It was found that Apache Shiro uses a default cipher key for its "remember me" feature. An attacker could use this to devise a malicious request parameter and gain access to unauthorized content.
7.3 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Fuse 6.3
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:6.3
|
— |
Vendor Fix
fix
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
50 references
Acknowledgments
Red Hat
Dennis Reed
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss Fuse 6.3, which fixes multiple security issues and includes several bug fixes and enhancements, is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform.\n\nRed Hat JBoss Fuse 6.3 is a minor product release that updates Red Hat JBoss Fuse 6.2.1, and includes several bug fixes and enhancements. Refer to the Release Notes document, available from the Product Documentation link in the References section, for a list of these changes.\n\nSecurity Fix(es):\n\nIt was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks. (CVE-2016-2141)\n\nA deserialization flaw allowing remote code execution was found in the BeanShell library. If BeanShell was on the classpath, it could permit code execution if another part of the application deserialized objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the BeanShell library. (CVE-2016-2510)\n\nIt was found that Apache Shiro uses a default cipher key for its \"remember me\" feature. An attacker could use this to devise a malicious request parameter and gain access to unauthorized content. (CVE-2016-4437)\n\nA denial of service flaw was found in the way Spring processes inline DTD declarations. A remote attacker could submit a specially crafted XML file that would cause out-of-memory errors when parsed. (CVE-2015-3192)\n\nIt was found that Apache Camel\u0027s camel-xstream component was vulnerable to Java object deserialization. This vulnerability permits deserialization of data which could lead to information disclosure, code execution, or other possible attacks. (CVE-2015-5344)\n\nIt was found that Apache Camel\u0027s Jetty/Servlet permitted object deserialization. If using camel-jetty or camel-servlet as a consumer in Camel routes, then Camel will automatically deserialize HTTP requests that use the content-header: application/x-java-serialized-object. An attacker could use this vulnerability to gain access to unauthorized information or conduct further attacks. (CVE-2015-5348)\n\nIt was found that bouncycastle is vulnerable to an invalid curve attack. An attacker could extract private keys used in elliptic curve cryptography with a few thousand queries. (CVE-2015-7940)\n\nThe CVE-2016-2141 issue was discovered by Dennis Reed (Red Hat).\n\nRefer to the Product Documentation link in the References section for installation instructions.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2016:2035",
"url": "https://access.redhat.com/errata/RHSA-2016:2035"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=distributions\u0026version=6.3.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=distributions\u0026version=6.3.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-fuse/?version=6.3",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-fuse/?version=6.3"
},
{
"category": "external",
"summary": "1239002",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1239002"
},
{
"category": "external",
"summary": "1276272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276272"
},
{
"category": "external",
"summary": "1292849",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292849"
},
{
"category": "external",
"summary": "1303609",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1303609"
},
{
"category": "external",
"summary": "1310647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310647"
},
{
"category": "external",
"summary": "1313589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1313589"
},
{
"category": "external",
"summary": "1343346",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343346"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_2035.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Fuse 6.3 security update",
"tracking": {
"current_release_date": "2024-11-22T10:24:18+00:00",
"generator": {
"date": "2024-11-22T10:24:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2016:2035",
"initial_release_date": "2016-10-06T16:18:07+00:00",
"revision_history": [
{
"date": "2016-10-06T16:18:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-02-20T12:38:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T10:24:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Fuse 6.3",
"product": {
"name": "Red Hat JBoss Fuse 6.3",
"product_id": "Red Hat JBoss Fuse 6.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_fuse:6.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Fuse"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-3192",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2015-06-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1239002"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw was found in the way Spring processes inline DTD declarations. A remote attacker could submit a specially crafted XML file that would cause out-of-memory errors when parsed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Framework: denial-of-service attack with XML input",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Fuse 6.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-3192"
},
{
"category": "external",
"summary": "RHBZ#1239002",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1239002"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-3192",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3192"
},
{
"category": "external",
"summary": "http://pivotal.io/security/cve-2015-3192",
"url": "http://pivotal.io/security/cve-2015-3192"
}
],
"release_date": "2015-06-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-06T16:18:07+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss Fuse 6.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2035"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Fuse 6.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Framework: denial-of-service attack with XML input"
},
{
"cve": "CVE-2015-5254",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2015-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1291292"
}
],
"notes": [
{
"category": "description",
"text": "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ObjectMessage: unsafe deserialization",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A malicious message producer needs to authenticate to EAP in order to send messages. Also, the use of JMS ObjectMessage needs to be chosen by the developer of the application. Therefore this issue is rated as moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Fuse 6.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-5254"
},
{
"category": "external",
"summary": "RHBZ#1291292",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291292"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-5254",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5254"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5254",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5254"
},
{
"category": "external",
"summary": "http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt",
"url": "http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt"
}
],
"release_date": "2015-12-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-06T16:18:07+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss Fuse 6.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2035"
},
{
"category": "workaround",
"details": "If you do deploy a JMS publisher, and subscriber, and don\u0027t trust the messages sent to you by your clients, you could mitigate this issue by installing a Java agent which restricts the classes which can be deserialized. This is an article with the recommended approach:\n\nhttps://access.redhat.com/solutions/2190911\n\nYou could also mitigate this issue using the features of the Java Virtual Machine added in JEP 290:\n\nhttp://openjdk.java.net/jeps/290",
"product_ids": [
"Red Hat JBoss Fuse 6.3"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss Fuse 6.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ObjectMessage: unsafe deserialization"
},
{
"cve": "CVE-2015-5344",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2016-01-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1303609"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Apache Camel\u0027s camel-xstream component was vulnerable to Java object deserialization. This vulnerability permits deserialization of data which could lead to information disclosure, code execution, or other possible attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "camel-xstream: Java object de-serialization vulnerability leads to RCE",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Fuse 6.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-5344"
},
{
"category": "external",
"summary": "RHBZ#1303609",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1303609"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-5344",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5344"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5344",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5344"
},
{
"category": "external",
"summary": "https://camel.apache.org/security-advisories.data/CVE-2015-5344.txt.asc?version=1\u0026modificationDate=1454056803000\u0026api=v2",
"url": "https://camel.apache.org/security-advisories.data/CVE-2015-5344.txt.asc?version=1\u0026modificationDate=1454056803000\u0026api=v2"
}
],
"release_date": "2015-11-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-06T16:18:07+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss Fuse 6.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2035"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "MULTIPLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:M/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Fuse 6.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "camel-xstream: Java object de-serialization vulnerability leads to RCE"
},
{
"cve": "CVE-2015-5348",
"discovery_date": "2015-12-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1292849"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Apache Camel\u0027s Jetty/Servlet usage is vulnerable to Java object de-serialisation vulnerability. If using camel-jetty, or camel-servlet as a consumer in Camel routes, then Camel will automatically de-serialize HTTP requests that uses the content-header: application/x-java-serialized-object.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Camel: Java object deserialisation in Jetty/Servlet",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Fuse 6.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-5348"
},
{
"category": "external",
"summary": "RHBZ#1292849",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292849"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-5348",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5348"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5348",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5348"
},
{
"category": "external",
"summary": "https://camel.apache.org/security-advisories.data/CVE-2015-5348.txt",
"url": "https://camel.apache.org/security-advisories.data/CVE-2015-5348.txt"
}
],
"release_date": "2015-12-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-06T16:18:07+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss Fuse 6.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2035"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Fuse 6.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Camel: Java object deserialisation in Jetty/Servlet"
},
{
"cve": "CVE-2015-7940",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2015-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1276272"
}
],
"notes": [
{
"category": "description",
"text": "It was found that bouncycastle is vulnerable to an invalid curve attack. An attacker could extract private keys used in elliptic curve cryptography with a few thousand queries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: Invalid curve attack allowing to extract private keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Fuse 6.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-7940"
},
{
"category": "external",
"summary": "RHBZ#1276272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276272"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-7940",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7940"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-7940",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7940"
}
],
"release_date": "2015-09-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-06T16:18:07+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss Fuse 6.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2035"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Fuse 6.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bouncycastle: Invalid curve attack allowing to extract private keys"
},
{
"acknowledgments": [
{
"names": [
"Dennis Reed"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2016-2141",
"discovery_date": "2015-11-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1313589"
}
],
"notes": [
{
"category": "description",
"text": "It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JGroups: Authorization bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Fuse 6.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-2141"
},
{
"category": "external",
"summary": "RHBZ#1313589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1313589"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-2141",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2141"
}
],
"release_date": "2016-06-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-06T16:18:07+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss Fuse 6.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2035"
},
{
"category": "workaround",
"details": "Please refer to https://access.redhat.com/articles/2360521 for more information.",
"product_ids": [
"Red Hat JBoss Fuse 6.3"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Fuse 6.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JGroups: Authorization bypass"
},
{
"cve": "CVE-2016-2510",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2016-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1310647"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw allowing remote code execution was found in the BeanShell library. If BeanShell was on the classpath, it could permit code execution if another part of the application deserialized objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the BeanShell library.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bsh2: remote code execution via deserialization",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Fuse 6.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-2510"
},
{
"category": "external",
"summary": "RHBZ#1310647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310647"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-2510",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2510"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2510",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2510"
},
{
"category": "external",
"summary": "https://github.com/beanshell/beanshell/releases/tag/2.0b6",
"url": "https://github.com/beanshell/beanshell/releases/tag/2.0b6"
}
],
"release_date": "2016-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-06T16:18:07+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss Fuse 6.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2035"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Fuse 6.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "bsh2: remote code execution via deserialization"
},
{
"cve": "CVE-2016-4437",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2016-06-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1343346"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Apache Shiro uses a default cipher key for its \"remember me\" feature. An attacker could use this to devise a malicious request parameter and gain access to unauthorized content.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shiro: Security constraint bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Fuse 6.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-4437"
},
{
"category": "external",
"summary": "RHBZ#1343346",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343346"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-4437",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4437"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4437",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4437"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2016-06-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-06T16:18:07+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss Fuse 6.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2035"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Fuse 6.3"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2021-11-03T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "shiro: Security constraint bypass"
}
]
}
WID-SEC-W-2024-3616
Vulnerability from csaf_certbund - Published: 2016-10-06 22:00 - Updated: 2024-12-05 23:00Summary
Red Hat JBoss Fuse: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: JBoss Fuse ist ein Open Source Enterprise Service Bus (ESB).
JBoss A-MQ ist eine Messaging-Plattform.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat JBoss Fuse und Red Hat JBoss A-MQ ausnutzen, um einen Denial of Service Angriff durchzuführen, Code mit den Privilegien des angegriffenen Dienstes zur Ausführung bringen, vertrauliche Daten einzusehen, Informationen zu manipulieren oder Sicherheitsmechanismen zu umgehen.
Betroffene Betriebssysteme: - Linux
Es existiert eine Schwachstelle in Red Hat JBoss Fuse und Red Hat JBoss A-MQ. Die Schwachstelle besteht im Spring Framework und beruht auf der Art und WEise, wie "inline DTD Deklarationen" verarbeitet werden. Ein Angreifer kann dieses durch Übermitteln geeignet gestalteter XML Daten zu einem Denial of Service Angirff nutzen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss A-MQ 6.3
Red Hat / JBoss A-MQ
|
cpe:/a:redhat:jboss_amq:6.3
|
6.3 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Juniper Junos Space <20.1R1
Juniper / Junos Space
|
<20.1R1 | ||
|
Red Hat JBoss Fuse 6.3
Red Hat / JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:6.3
|
6.3 |
Es existiert eine Schwachstelle in Red Hat JBoss Fuse in der Apache Camel camel-xstream Komponente. Die Schwachstelle beruht auf einem Deseialisierungfehler von Java Objekten. Ein Angreifer kann dieses nutzen und u. a. vertrauliche Daten einsehen oder Code zur Ausführung bringen.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat JBoss Fuse 6.3
Red Hat / JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:6.3
|
6.3 |
Es existiert eine Schwachstelle in Red Hat JBoss Fuse. Die Schwachstelle besteht in dem Apache Camels Jetty/Servlet und beruht auf einem Deserialisierungsfehler. Ein Angreifer kann dieses durch Übermitteln geeignet gestalteter Daten nutzen und beliebigen Code zur Ausführung bringen.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat JBoss Fuse 6.3
Red Hat / JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:6.3
|
6.3 |
Es existiert eine Schwachstelle in Red Hat JBoss Fuse und Red Hat JBoss A-MQ in der Komponente "bouncycastle". Die Schwachstelle beruht darauf, dass ein Angreifer private Schlüssel bei Verwendung von elliptischen Kurven in der Kryptographie auslesen kann.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss A-MQ 6.3
Red Hat / JBoss A-MQ
|
cpe:/a:redhat:jboss_amq:6.3
|
6.3 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat JBoss Fuse 6.3
Red Hat / JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:6.3
|
6.3 |
Es existiert eine Schwachstelle in Red Hat JBoss Fuse. Die Schwachstelle beruht darauf, dass neue Nodes durch JGroups nicht korrekt authentisiert werden. Ein Angreifer kann dieses nutzen und Sicherheitsmechanismen umgehen.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat JBoss Fuse 6.3
Red Hat / JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:6.3
|
6.3 |
Es existiert eine Schwachstelle in Red Hat JBoss Fuse im Zusammenhang mit BeanShell. Ein anonymer, entfernter Angreifer kann diese Schwachstelle nutzen, um bei der Deserialisierung einer speziell konstruierten Klassenkette beliebigen Programmcode mit den Rechten des Dienstes auszuführen. Zur erfolgreichen Ausnutzung dieser Schwachstelle muss der Angreifer den Benutzer dazu bringen, eine modifizierte URL oder Webseite in seinem Web-Browser zu öffnen.
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat JBoss Fuse 6.3
Red Hat / JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:6.3
|
6.3 |
Es existiert eine Schwachstelle in Red Hat JBoss Fuse und Red Hat JBoss A-MQ. Die Schwachstelle besteht in darin, dass Apache Shiro einen Standardschlüssel für die "remember me" Funktion verwendet. Ein Angreifer kann dieses ausnutzen und unautorisiert Zugriff auf die Inhalte erlangen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss A-MQ 6.3
Red Hat / JBoss A-MQ
|
cpe:/a:redhat:jboss_amq:6.3
|
6.3 | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat JBoss Fuse 6.3
Red Hat / JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:6.3
|
6.3 |
References
6 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "JBoss Fuse ist ein Open Source Enterprise Service Bus (ESB).\r\nJBoss A-MQ ist eine Messaging-Plattform.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat JBoss Fuse und Red Hat JBoss A-MQ ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, Code mit den Privilegien des angegriffenen Dienstes zur Ausf\u00fchrung bringen, vertrauliche Daten einzusehen, Informationen zu manipulieren oder Sicherheitsmechanismen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3616 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2016/wid-sec-w-2024-3616.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3616 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3616"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2016:2036-1 vom 2016-10-06",
"url": "https://rhn.redhat.com/errata/RHSA-2016-2036.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2016:2035-1 vom 2016-10-06",
"url": "https://rhn.redhat.com/errata/RHSA-2016-2035.html"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA11023 vom 2020-07-08",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11023"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7139-1 vom 2024-12-05",
"url": "https://ubuntu.com/security/notices/USN-7139-1"
}
],
"source_lang": "en-US",
"title": "Red Hat JBoss Fuse: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-12-05T23:00:00.000+00:00",
"generator": {
"date": "2024-12-06T09:15:40.792+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2024-3616",
"initial_release_date": "2016-10-06T22:00:00.000+00:00",
"revision_history": [
{
"date": "2016-10-06T22:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2016-10-06T22:00:00.000+00:00",
"number": "2",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-10-06T22:00:00.000+00:00",
"number": "3",
"summary": "Version nicht vorhanden"
},
{
"date": "2019-06-18T22:00:00.000+00:00",
"number": "4",
"summary": "Referenz(en) aufgenommen: RHSA-2019:1545"
},
{
"date": "2020-07-08T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Juniper aufgenommen"
},
{
"date": "2024-12-05T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Ubuntu aufgenommen"
}
],
"status": "final",
"version": "6"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c20.1R1",
"product": {
"name": "Juniper Junos Space \u003c20.1R1",
"product_id": "T016874"
}
},
{
"category": "product_version",
"name": "20.1R1",
"product": {
"name": "Juniper Junos Space 20.1R1",
"product_id": "T016874-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:20.1r1"
}
}
}
],
"category": "product_name",
"name": "Junos Space"
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "6.3",
"product": {
"name": "Red Hat JBoss A-MQ 6.3",
"product_id": "T008598",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_amq:6.3"
}
}
}
],
"category": "product_name",
"name": "JBoss A-MQ"
},
{
"branches": [
{
"category": "product_version",
"name": "6.3",
"product": {
"name": "Red Hat JBoss Fuse 6.3",
"product_id": "T008597",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_fuse:6.3"
}
}
}
],
"category": "product_name",
"name": "JBoss Fuse"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-3192",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in Red Hat JBoss Fuse und Red Hat JBoss A-MQ. Die Schwachstelle besteht im Spring Framework und beruht auf der Art und WEise, wie \"inline DTD Deklarationen\" verarbeitet werden. Ein Angreifer kann dieses durch \u00dcbermitteln geeignet gestalteter XML Daten zu einem Denial of Service Angirff nutzen."
}
],
"product_status": {
"known_affected": [
"T008598",
"T000126",
"T016874",
"T008597"
]
},
"release_date": "2016-10-06T22:00:00.000+00:00",
"title": "CVE-2015-3192"
},
{
"cve": "CVE-2015-5344",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in Red Hat JBoss Fuse in der Apache Camel camel-xstream Komponente. Die Schwachstelle beruht auf einem Deseialisierungfehler von Java Objekten. Ein Angreifer kann dieses nutzen und u. a. vertrauliche Daten einsehen oder Code zur Ausf\u00fchrung bringen."
}
],
"product_status": {
"known_affected": [
"T000126",
"T008597"
]
},
"release_date": "2016-10-06T22:00:00.000+00:00",
"title": "CVE-2015-5344"
},
{
"cve": "CVE-2015-5348",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in Red Hat JBoss Fuse. Die Schwachstelle besteht in dem Apache Camels Jetty/Servlet und beruht auf einem Deserialisierungsfehler. Ein Angreifer kann dieses durch \u00dcbermitteln geeignet gestalteter Daten nutzen und beliebigen Code zur Ausf\u00fchrung bringen."
}
],
"product_status": {
"known_affected": [
"T000126",
"T008597"
]
},
"release_date": "2016-10-06T22:00:00.000+00:00",
"title": "CVE-2015-5348"
},
{
"cve": "CVE-2015-7940",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in Red Hat JBoss Fuse und Red Hat JBoss A-MQ in der Komponente \"bouncycastle\". Die Schwachstelle beruht darauf, dass ein Angreifer private Schl\u00fcssel bei Verwendung von elliptischen Kurven in der Kryptographie auslesen kann."
}
],
"product_status": {
"known_affected": [
"T008598",
"T000126",
"T008597"
]
},
"release_date": "2016-10-06T22:00:00.000+00:00",
"title": "CVE-2015-7940"
},
{
"cve": "CVE-2016-2141",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in Red Hat JBoss Fuse. Die Schwachstelle beruht darauf, dass neue Nodes durch JGroups nicht korrekt authentisiert werden. Ein Angreifer kann dieses nutzen und Sicherheitsmechanismen umgehen."
}
],
"product_status": {
"known_affected": [
"T000126",
"T008597"
]
},
"release_date": "2016-10-06T22:00:00.000+00:00",
"title": "CVE-2016-2141"
},
{
"cve": "CVE-2016-2510",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in Red Hat JBoss Fuse im Zusammenhang mit BeanShell. Ein anonymer, entfernter Angreifer kann diese Schwachstelle nutzen, um bei der Deserialisierung einer speziell konstruierten Klassenkette beliebigen Programmcode mit den Rechten des Dienstes auszuf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstelle muss der Angreifer den Benutzer dazu bringen, eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T000126",
"T008597"
]
},
"release_date": "2016-10-06T22:00:00.000+00:00",
"title": "CVE-2016-2510"
},
{
"cve": "CVE-2016-4437",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in Red Hat JBoss Fuse und Red Hat JBoss A-MQ. Die Schwachstelle besteht in darin, dass Apache Shiro einen Standardschl\u00fcssel f\u00fcr die \"remember me\" Funktion verwendet. Ein Angreifer kann dieses ausnutzen und unautorisiert Zugriff auf die Inhalte erlangen."
}
],
"product_status": {
"known_affected": [
"T008598",
"T000126",
"T008597"
]
},
"release_date": "2016-10-06T22:00:00.000+00:00",
"title": "CVE-2016-4437"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…