Action not permitted
Modal body text goes here.
CVE-2017-3163
Vulnerability from cvelistv5
Published
2017-08-30 14:00
Modified
2024-09-16 18:39
Severity ?
EPSS score ?
Summary
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
Apache Software Foundation | Apache Solr |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:16:28.303Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2018:1448", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1448" }, { "name": "RHSA-2018:1449", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1449" }, { "name": "RHSA-2018:1450", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1450" }, { "name": "RHSA-2018:1451", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1451" }, { "name": "[solr-user] 20170215 [SECURITY] CVE-2017-3163 Apache Solr ReplicationHandler path traversal attack", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488%40%3Csolr-user.lucene.apache.org%3E" }, { "name": "RHSA-2018:1447", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1447" }, { "name": "DSA-4124", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2018/dsa-4124" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Apache Solr", "vendor": "Apache Software Foundation", "versions": [ { "status": "affected", "version": "1.4.0 to 5.5.3" }, { "status": "affected", "version": "6.0.0 to 6.4.0" } ] } ], "datePublic": "2017-02-15T00:00:00", "descriptions": [ { "lang": "en", "value": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access." } ], "problemTypes": [ { "descriptions": [ { "description": "Information Disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-05-16T09:57:01", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "name": "RHSA-2018:1448", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1448" }, { "name": "RHSA-2018:1449", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1449" }, { "name": "RHSA-2018:1450", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1450" }, { "name": "RHSA-2018:1451", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1451" }, { "name": "[solr-user] 20170215 [SECURITY] CVE-2017-3163 Apache Solr ReplicationHandler path traversal attack", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488%40%3Csolr-user.lucene.apache.org%3E" }, { "name": "RHSA-2018:1447", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1447" }, { "name": "DSA-4124", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2018/dsa-4124" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "DATE_PUBLIC": "2017-02-15T00:00:00", "ID": "CVE-2017-3163", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Apache Solr", "version": { "version_data": [ { "version_value": "1.4.0 to 5.5.3" }, { "version_value": "6.0.0 to 6.4.0" } ] } } ] }, "vendor_name": "Apache Software Foundation" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information Disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2018:1448", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1448" }, { "name": "RHSA-2018:1449", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1449" }, { "name": "RHSA-2018:1450", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1450" }, { "name": "RHSA-2018:1451", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1451" }, { "name": "[solr-user] 20170215 [SECURITY] CVE-2017-3163 Apache Solr ReplicationHandler path traversal attack", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488@%3Csolr-user.lucene.apache.org%3E" }, { "name": "RHSA-2018:1447", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1447" }, { "name": "DSA-4124", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4124" } ] } } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2017-3163", "datePublished": "2017-08-30T14:00:00Z", "dateReserved": "2016-12-05T00:00:00", "dateUpdated": "2024-09-16T18:39:30.795Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2017-3163\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2017-08-30T14:29:00.207\",\"lastModified\":\"2023-11-07T02:44:04.200\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.\"},{\"lang\":\"es\",\"value\":\"Cuando se usa la caracter\u00edstica Index Replication, los nodos Apache Solr pueden tomar archivos index de un nodo master/leader usando una API HTTP que acepta un nombre de archivo. Sin embargo, Solr en versiones anteriores a la 5.5.4 y en versiones 6.x anteriores a la 6.4.1 no valida el nombre de archivo, por lo que fue posible manipular una petici\u00f3n especial que involucre un salto de ruta, dejando expuestos todos los archivos legibles en el proceso de servidor Solr. Los servidores Solr protegidos y restringidos por reglas de firewall y/o autenticaci\u00f3n no estar\u00edan en riesgo ya que solo los clientes y usuarios de confianza obtendr\u00edan acceso HTTP directo.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.5.3\",\"matchCriteriaId\":\"C0CB118A-E405-41E5-B25F-C151B14292A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29F3170C-C5D6-431F-A2DD-692636CF5DAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA339070-A2BD-4559-B400-2BC2EB9923A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B737CF14-C14A-4D97-B838-47EC4A2C68C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"036F935D-B469-47C6-AF5D-3DFC73070753\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42A1A17A-32EA-40A2-9A1E-6019B493B5C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76557E9C-1F16-44D9-ACA1-F4DAEC966F05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE068A02-D47A-4C6C-BFD3-040385599CA5\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1447\",\"source\":\"security@apache.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1448\",\"source\":\"security@apache.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1449\",\"source\":\"security@apache.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1450\",\"source\":\"security@apache.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1451\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4124\",\"source\":\"security@apache.org\"}]}}" } }
rhsa-2018_1450
Vulnerability from csaf_redhat
Published
2018-05-14 20:36
Modified
2024-11-25 12:10
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java
applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:1450", "url": "https://access.redhat.com/errata/RHSA-2018:1450" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4" }, { "category": "external", "summary": "1379207", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207" }, { "category": "external", "summary": "1454783", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783" }, { "category": "external", "summary": "1506612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612" }, { "category": "external", "summary": "1528565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565" }, { "category": "external", "summary": "1548289", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289" }, { "category": "external", "summary": "1548909", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909" }, { "category": "external", "summary": "1549276", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276" }, { "category": "external", "summary": "1559009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559009" }, { "category": "external", "summary": "1559012", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559012" }, { "category": "external", "summary": "1559017", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559017" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1450.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update", "tracking": { "current_release_date": "2024-11-25T12:10:12+00:00", "generator": { "date": "2024-11-25T12:10:12+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:1450", "initial_release_date": "2018-05-14T20:36:21+00:00", "revision_history": [ { "date": "2018-05-14T20:36:21+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-05-14T20:36:21+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-25T12:10:12+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el5?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el5?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "product": { "name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "product_id": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "product": { "name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "product_id": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "product": { "name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "product_id": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", "product_id": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product": { "name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_id": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el5?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el5?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "product": { "name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "product_id": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "product": { "name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "product_id": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "product": { "name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "product_id": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "product": { "name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "product_id": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "product": { "name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "product_id": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "product": { "name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "product_id": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "product": { "name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "product_id": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product": { "name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_id": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch" }, "product_reference": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src" }, "product_reference": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch" }, "product_reference": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch" }, "product_reference": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch" }, "product_reference": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch" }, "product_reference": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch" }, "product_reference": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src" }, "product_reference": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch" }, "product_reference": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src" }, "product_reference": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch" }, "product_reference": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" }, "product_reference": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-4978", "discovery_date": "2016-09-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1379207" } ], "notes": [ { "category": "description", "text": "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.", "title": "Vulnerability description" }, { "category": "summary", "text": "Artemis: Deserialization of untrusted input vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-4978" }, { "category": "external", "summary": "RHBZ#1379207", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-4978", "url": "https://www.cve.org/CVERecord?id=CVE-2016-4978" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978" } ], "release_date": "2016-09-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:21+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1450" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", "version": "3.0" }, "products": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Artemis: Deserialization of untrusted input vulnerability" }, { "cve": "CVE-2017-3163", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2017-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1454783" } ], "notes": [ { "category": "description", "text": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", "title": "Vulnerability description" }, { "category": "summary", "text": "solr: Directory traversal via Index Replication HTTP API", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3163" }, { "category": "external", "summary": "RHBZ#1454783", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3163", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3163" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163" } ], "release_date": "2017-02-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:21+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1450" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "solr: Directory traversal via Index Replication HTTP API" }, { "acknowledgments": [ { "names": [ "Liao Xinxi" ], "organization": "NSFOCUS" } ], "cve": "CVE-2017-7525", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-06-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1462702" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-7525" }, { "category": "external", "summary": "RHBZ#1462702", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7525" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525" } ], "release_date": "2017-07-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:21+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1450" }, { "category": "workaround", "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "product_ids": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper" }, { "acknowledgments": [ { "names": [ "Liao Xinxi" ], "organization": "NSFOCUS" } ], "cve": "CVE-2017-15095", "cwe": { "id": "CWE-184", "name": "Incomplete List of Disallowed Inputs" }, "discovery_date": "2017-10-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1506612" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-15095" }, { "category": "external", "summary": "RHBZ#1506612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15095" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2017-11-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:21+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1450" }, { "category": "workaround", "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "product_ids": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)" }, { "acknowledgments": [ { "names": [ "0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4" ] } ], "cve": "CVE-2017-17485", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-12-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1528565" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-17485" }, { "category": "external", "summary": "RHBZ#1528565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485", "url": "https://www.cve.org/CVERecord?id=CVE-2017-17485" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2017-12-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:21+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1450" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)" }, { "cve": "CVE-2018-1304", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2018-02-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1548289" } ], "notes": [ { "category": "description", "text": "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1304" }, { "category": "external", "summary": "RHBZ#1548289", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1304", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1304" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304" }, { "category": "external", "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85" }, { "category": "external", "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50" }, { "category": "external", "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28" } ], "release_date": "2018-01-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:21+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1450" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources" }, { "cve": "CVE-2018-7489", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2018-02-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1549276" } ], "notes": [ { "category": "description", "text": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", "title": "Vulnerability summary" }, { "category": "other", "text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-7489" }, { "category": "external", "summary": "RHBZ#1549276", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-7489", "url": "https://www.cve.org/CVERecord?id=CVE-2018-7489" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2018-02-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:21+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1450" }, { "category": "workaround", "details": "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries" }, { "acknowledgments": [ { "names": [ "Chris McCown" ] } ], "cve": "CVE-2018-8088", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2018-02-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1548909" } ], "notes": [ { "category": "description", "text": "An XML deserialization vulnerability was discovered in slf4j\u0027s EventData, which accepts an XML serialized string and can lead to arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-8088" }, { "category": "external", "summary": "RHBZ#1548909", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-8088", "url": "https://www.cve.org/CVERecord?id=CVE-2018-8088" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088" } ], "release_date": "2018-02-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:21+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1450" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src", "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch", "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch", "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution" } ] }
rhsa-2018_1449
Vulnerability from csaf_redhat
Published
2018-05-14 20:36
Modified
2024-11-25 12:10
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:1449", "url": "https://access.redhat.com/errata/RHSA-2018:1449" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4" }, { "category": "external", "summary": "1379207", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207" }, { "category": "external", "summary": "1454783", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783" }, { "category": "external", "summary": "1506612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612" }, { "category": "external", "summary": "1528565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565" }, { "category": "external", "summary": "1548289", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289" }, { "category": "external", "summary": "1548909", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909" }, { "category": "external", "summary": "1549276", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276" }, { "category": "external", "summary": "1559008", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559008" }, { "category": "external", "summary": "1559011", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559011" }, { "category": "external", "summary": "1559016", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559016" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1449.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update", "tracking": { "current_release_date": "2024-11-25T12:10:19+00:00", "generator": { "date": "2024-11-25T12:10:19+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:1449", "initial_release_date": "2018-05-14T20:36:31+00:00", "revision_history": [ { "date": "2018-05-14T20:36:31+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-05-14T20:36:31+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-25T12:10:19+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el6?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el6?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "product": { "name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "product_id": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "product": { "name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "product_id": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "product": { "name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "product_id": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", "product_id": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product": { "name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_id": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el6?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el6?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "product": { "name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "product_id": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "product": { "name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "product_id": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "product": { "name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "product_id": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "product": { "name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "product_id": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "product": { "name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "product_id": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "product": { "name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "product_id": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "product": { "name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "product_id": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product": { "name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_id": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch" }, "product_reference": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src" }, "product_reference": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch" }, "product_reference": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch" }, "product_reference": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch" }, "product_reference": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch" }, "product_reference": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch" }, "product_reference": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src" }, "product_reference": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch" }, "product_reference": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src" }, "product_reference": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch" }, "product_reference": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" }, "product_reference": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-4978", "discovery_date": "2016-09-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1379207" } ], "notes": [ { "category": "description", "text": "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.", "title": "Vulnerability description" }, { "category": "summary", "text": "Artemis: Deserialization of untrusted input vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-4978" }, { "category": "external", "summary": "RHBZ#1379207", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-4978", "url": "https://www.cve.org/CVERecord?id=CVE-2016-4978" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978" } ], "release_date": "2016-09-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:31+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1449" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", "version": "3.0" }, "products": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Artemis: Deserialization of untrusted input vulnerability" }, { "cve": "CVE-2017-3163", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2017-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1454783" } ], "notes": [ { "category": "description", "text": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", "title": "Vulnerability description" }, { "category": "summary", "text": "solr: Directory traversal via Index Replication HTTP API", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3163" }, { "category": "external", "summary": "RHBZ#1454783", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3163", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3163" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163" } ], "release_date": "2017-02-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:31+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1449" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "solr: Directory traversal via Index Replication HTTP API" }, { "acknowledgments": [ { "names": [ "Liao Xinxi" ], "organization": "NSFOCUS" } ], "cve": "CVE-2017-7525", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-06-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1462702" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-7525" }, { "category": "external", "summary": "RHBZ#1462702", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7525" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525" } ], "release_date": "2017-07-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:31+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1449" }, { "category": "workaround", "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "product_ids": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper" }, { "acknowledgments": [ { "names": [ "Liao Xinxi" ], "organization": "NSFOCUS" } ], "cve": "CVE-2017-15095", "cwe": { "id": "CWE-184", "name": "Incomplete List of Disallowed Inputs" }, "discovery_date": "2017-10-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1506612" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-15095" }, { "category": "external", "summary": "RHBZ#1506612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15095" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2017-11-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:31+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1449" }, { "category": "workaround", "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "product_ids": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)" }, { "acknowledgments": [ { "names": [ "0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4" ] } ], "cve": "CVE-2017-17485", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-12-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1528565" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-17485" }, { "category": "external", "summary": "RHBZ#1528565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485", "url": "https://www.cve.org/CVERecord?id=CVE-2017-17485" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2017-12-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:31+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1449" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)" }, { "cve": "CVE-2018-1304", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2018-02-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1548289" } ], "notes": [ { "category": "description", "text": "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1304" }, { "category": "external", "summary": "RHBZ#1548289", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1304", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1304" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304" }, { "category": "external", "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85" }, { "category": "external", "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50" }, { "category": "external", "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28" } ], "release_date": "2018-01-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:31+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1449" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources" }, { "cve": "CVE-2018-7489", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2018-02-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1549276" } ], "notes": [ { "category": "description", "text": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", "title": "Vulnerability summary" }, { "category": "other", "text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-7489" }, { "category": "external", "summary": "RHBZ#1549276", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-7489", "url": "https://www.cve.org/CVERecord?id=CVE-2018-7489" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2018-02-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:31+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1449" }, { "category": "workaround", "details": "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries" }, { "acknowledgments": [ { "names": [ "Chris McCown" ] } ], "cve": "CVE-2018-8088", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2018-02-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1548909" } ], "notes": [ { "category": "description", "text": "An XML deserialization vulnerability was discovered in slf4j\u0027s EventData, which accepts an XML serialized string and can lead to arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-8088" }, { "category": "external", "summary": "RHBZ#1548909", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-8088", "url": "https://www.cve.org/CVERecord?id=CVE-2018-8088" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088" } ], "release_date": "2018-02-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:31+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1449" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src", "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch", "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch", "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution" } ] }
rhsa-2018_1448
Vulnerability from csaf_redhat
Published
2018-05-14 20:36
Modified
2024-11-25 12:10
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:1448", "url": "https://access.redhat.com/errata/RHSA-2018:1448" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4" }, { "category": "external", "summary": "1379207", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207" }, { "category": "external", "summary": "1454783", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783" }, { "category": "external", "summary": "1506612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612" }, { "category": "external", "summary": "1528565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565" }, { "category": "external", "summary": "1548289", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289" }, { "category": "external", "summary": "1548909", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909" }, { "category": "external", "summary": "1549276", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276" }, { "category": "external", "summary": "1559010", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559010" }, { "category": "external", "summary": "1559013", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559013" }, { "category": "external", "summary": "1559018", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559018" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1448.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update", "tracking": { "current_release_date": "2024-11-25T12:10:25+00:00", "generator": { "date": "2024-11-25T12:10:25+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:1448", "initial_release_date": "2018-05-14T20:36:07+00:00", "revision_history": [ { "date": "2018-05-14T20:36:07+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-05-14T20:36:07+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-25T12:10:25+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el7?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el7?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "product": { "name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "product_id": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "product": { "name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "product_id": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "product": { "name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "product_id": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", "product_id": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product": { "name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_id": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el7?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el7?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "product": { "name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "product_id": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "product": { "name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "product_id": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "product": { "name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "product_id": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "product": { "name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "product_id": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "product": { "name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "product_id": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "product": { "name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "product_id": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "product": { "name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "product_id": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product": { "name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_id": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch" }, "product_reference": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src" }, "product_reference": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch" }, "product_reference": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch" }, "product_reference": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch" }, "product_reference": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch" }, "product_reference": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch" }, "product_reference": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src" }, "product_reference": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch" }, "product_reference": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src" }, "product_reference": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch" }, "product_reference": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" }, "product_reference": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-4978", "discovery_date": "2016-09-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1379207" } ], "notes": [ { "category": "description", "text": "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.", "title": "Vulnerability description" }, { "category": "summary", "text": "Artemis: Deserialization of untrusted input vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-4978" }, { "category": "external", "summary": "RHBZ#1379207", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-4978", "url": "https://www.cve.org/CVERecord?id=CVE-2016-4978" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978" } ], "release_date": "2016-09-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:07+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1448" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", "version": "3.0" }, "products": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Artemis: Deserialization of untrusted input vulnerability" }, { "cve": "CVE-2017-3163", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2017-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1454783" } ], "notes": [ { "category": "description", "text": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", "title": "Vulnerability description" }, { "category": "summary", "text": "solr: Directory traversal via Index Replication HTTP API", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3163" }, { "category": "external", "summary": "RHBZ#1454783", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3163", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3163" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163" } ], "release_date": "2017-02-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:07+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1448" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "solr: Directory traversal via Index Replication HTTP API" }, { "acknowledgments": [ { "names": [ "Liao Xinxi" ], "organization": "NSFOCUS" } ], "cve": "CVE-2017-15095", "cwe": { "id": "CWE-184", "name": "Incomplete List of Disallowed Inputs" }, "discovery_date": "2017-10-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1506612" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-15095" }, { "category": "external", "summary": "RHBZ#1506612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15095" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2017-11-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:07+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1448" }, { "category": "workaround", "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "product_ids": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)" }, { "acknowledgments": [ { "names": [ "0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4" ] } ], "cve": "CVE-2017-17485", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-12-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1528565" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-17485" }, { "category": "external", "summary": "RHBZ#1528565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485", "url": "https://www.cve.org/CVERecord?id=CVE-2017-17485" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2017-12-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:07+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1448" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)" }, { "cve": "CVE-2018-1304", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2018-02-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1548289" } ], "notes": [ { "category": "description", "text": "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1304" }, { "category": "external", "summary": "RHBZ#1548289", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1304", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1304" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304" }, { "category": "external", "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85" }, { "category": "external", "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50" }, { "category": "external", "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28" } ], "release_date": "2018-01-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:07+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1448" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources" }, { "cve": "CVE-2018-7489", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2018-02-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1549276" } ], "notes": [ { "category": "description", "text": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", "title": "Vulnerability summary" }, { "category": "other", "text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-7489" }, { "category": "external", "summary": "RHBZ#1549276", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-7489", "url": "https://www.cve.org/CVERecord?id=CVE-2018-7489" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2018-02-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:07+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1448" }, { "category": "workaround", "details": "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries" }, { "acknowledgments": [ { "names": [ "Chris McCown" ] } ], "cve": "CVE-2018-8088", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2018-02-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1548909" } ], "notes": [ { "category": "description", "text": "An XML deserialization vulnerability was discovered in slf4j\u0027s EventData, which accepts an XML serialized string and can lead to arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-8088" }, { "category": "external", "summary": "RHBZ#1548909", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-8088", "url": "https://www.cve.org/CVERecord?id=CVE-2018-8088" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088" } ], "release_date": "2018-02-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:36:07+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1448" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src", "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch", "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch", "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution" } ] }
rhsa-2018_1451
Vulnerability from csaf_redhat
Published
2018-05-14 20:51
Modified
2024-11-25 12:10
Summary
Red Hat Security Advisory: eap6-jboss-ec2-eap security update
Notes
Topic
An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise
Application Platform 6.4 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise
Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).
With this update, the jboss-ec2-eap package has been updated to ensure
compatibility with Red Hat JBoss Enterprise Application Platform 6.4.19.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise\nApplication Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise\nApplication Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the jboss-ec2-eap package has been updated to ensure\ncompatibility with Red Hat JBoss Enterprise Application Platform 6.4.19.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:1451", "url": "https://access.redhat.com/errata/RHSA-2018:1451" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4" }, { "category": "external", "summary": "1379207", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207" }, { "category": "external", "summary": "1454783", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783" }, { "category": "external", "summary": "1506612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612" }, { "category": "external", "summary": "1528565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565" }, { "category": "external", "summary": "1548289", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289" }, { "category": "external", "summary": "1548909", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909" }, { "category": "external", "summary": "1549276", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1451.json" } ], "title": "Red Hat Security Advisory: eap6-jboss-ec2-eap security update", "tracking": { "current_release_date": "2024-11-25T12:10:32+00:00", "generator": { "date": "2024-11-25T12:10:32+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:1451", "initial_release_date": "2018-05-14T20:51:07+00:00", "revision_history": [ { "date": "2018-05-14T20:51:07+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-05-14T20:51:07+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-25T12:10:32+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "product": { "name": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "product_id": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-ec2-eap@7.5.20-1.Final_redhat_1.ep6.el6?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "product": { "name": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "product_id": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-ec2-eap@7.5.20-1.Final_redhat_1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "product": { "name": "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "product_id": "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-ec2-eap-samples@7.5.20-1.Final_redhat_1.ep6.el6?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" }, "product_reference": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src" }, "product_reference": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" }, "product_reference": "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-4978", "discovery_date": "2016-09-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1379207" } ], "notes": [ { "category": "description", "text": "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.", "title": "Vulnerability description" }, { "category": "summary", "text": "Artemis: Deserialization of untrusted input vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-4978" }, { "category": "external", "summary": "RHBZ#1379207", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-4978", "url": "https://www.cve.org/CVERecord?id=CVE-2016-4978" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978" } ], "release_date": "2016-09-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:51:07+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1451" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", "version": "3.0" }, "products": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Artemis: Deserialization of untrusted input vulnerability" }, { "cve": "CVE-2017-3163", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2017-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1454783" } ], "notes": [ { "category": "description", "text": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", "title": "Vulnerability description" }, { "category": "summary", "text": "solr: Directory traversal via Index Replication HTTP API", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3163" }, { "category": "external", "summary": "RHBZ#1454783", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3163", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3163" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163" } ], "release_date": "2017-02-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:51:07+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1451" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "solr: Directory traversal via Index Replication HTTP API" }, { "acknowledgments": [ { "names": [ "Liao Xinxi" ], "organization": "NSFOCUS" } ], "cve": "CVE-2017-15095", "cwe": { "id": "CWE-184", "name": "Incomplete List of Disallowed Inputs" }, "discovery_date": "2017-10-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1506612" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-15095" }, { "category": "external", "summary": "RHBZ#1506612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15095" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2017-11-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:51:07+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1451" }, { "category": "workaround", "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "product_ids": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)" }, { "acknowledgments": [ { "names": [ "0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4" ] } ], "cve": "CVE-2017-17485", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-12-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1528565" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-17485" }, { "category": "external", "summary": "RHBZ#1528565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485", "url": "https://www.cve.org/CVERecord?id=CVE-2017-17485" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2017-12-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:51:07+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1451" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)" }, { "cve": "CVE-2018-1304", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2018-02-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1548289" } ], "notes": [ { "category": "description", "text": "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1304" }, { "category": "external", "summary": "RHBZ#1548289", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1304", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1304" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304" }, { "category": "external", "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85" }, { "category": "external", "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50" }, { "category": "external", "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28" } ], "release_date": "2018-01-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:51:07+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1451" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources" }, { "cve": "CVE-2018-7489", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2018-02-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1549276" } ], "notes": [ { "category": "description", "text": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", "title": "Vulnerability summary" }, { "category": "other", "text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-7489" }, { "category": "external", "summary": "RHBZ#1549276", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-7489", "url": "https://www.cve.org/CVERecord?id=CVE-2018-7489" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2018-02-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:51:07+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1451" }, { "category": "workaround", "details": "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries" }, { "acknowledgments": [ { "names": [ "Chris McCown" ] } ], "cve": "CVE-2018-8088", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2018-02-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1548909" } ], "notes": [ { "category": "description", "text": "An XML deserialization vulnerability was discovered in slf4j\u0027s EventData, which accepts an XML serialized string and can lead to arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-8088" }, { "category": "external", "summary": "RHBZ#1548909", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-8088", "url": "https://www.cve.org/CVERecord?id=CVE-2018-8088" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088" } ], "release_date": "2018-02-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:51:07+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1451" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution" } ] }
rhsa-2018_1447
Vulnerability from csaf_redhat
Published
2018-05-14 20:15
Modified
2024-11-25 12:10
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
Updated packages that provide Red Hat JBoss Enterprise Application Platform
6.4.20, fixes several bugs, and adds various enhancements are now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java
applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated packages that provide Red Hat JBoss Enterprise Application Platform\n6.4.20, fixes several bugs, and adds various enhancements are now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:1447", "url": "https://access.redhat.com/errata/RHSA-2018:1447" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4" }, { "category": "external", "summary": "1379207", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207" }, { "category": "external", "summary": "1454783", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783" }, { "category": "external", "summary": "1506612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612" }, { "category": "external", "summary": "1528565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565" }, { "category": "external", "summary": "1548289", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289" }, { "category": "external", "summary": "1548909", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909" }, { "category": "external", "summary": "1549276", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1447.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update", "tracking": { "current_release_date": "2024-11-25T12:10:38+00:00", "generator": { "date": "2024-11-25T12:10:38+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:1447", "initial_release_date": "2018-05-14T20:15:33+00:00", "revision_history": [ { "date": "2018-05-14T20:15:33+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-05-14T20:15:33+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-25T12:10:38+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4", "product_id": "Red Hat JBoss Enterprise Application Platform 6.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.4" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-4978", "discovery_date": "2016-09-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1379207" } ], "notes": [ { "category": "description", "text": "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.", "title": "Vulnerability description" }, { "category": "summary", "text": "Artemis: Deserialization of untrusted input vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-4978" }, { "category": "external", "summary": "RHBZ#1379207", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-4978", "url": "https://www.cve.org/CVERecord?id=CVE-2016-4978" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978" } ], "release_date": "2016-09-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:15:33+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1447" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", "version": "3.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Artemis: Deserialization of untrusted input vulnerability" }, { "cve": "CVE-2017-3163", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2017-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1454783" } ], "notes": [ { "category": "description", "text": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", "title": "Vulnerability description" }, { "category": "summary", "text": "solr: Directory traversal via Index Replication HTTP API", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3163" }, { "category": "external", "summary": "RHBZ#1454783", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3163", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3163" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163" } ], "release_date": "2017-02-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:15:33+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1447" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "solr: Directory traversal via Index Replication HTTP API" }, { "acknowledgments": [ { "names": [ "Liao Xinxi" ], "organization": "NSFOCUS" } ], "cve": "CVE-2017-15095", "cwe": { "id": "CWE-184", "name": "Incomplete List of Disallowed Inputs" }, "discovery_date": "2017-10-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1506612" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-15095" }, { "category": "external", "summary": "RHBZ#1506612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15095" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2017-11-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:15:33+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1447" }, { "category": "workaround", "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)" }, { "acknowledgments": [ { "names": [ "0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4" ] } ], "cve": "CVE-2017-17485", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-12-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1528565" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-17485" }, { "category": "external", "summary": "RHBZ#1528565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485", "url": "https://www.cve.org/CVERecord?id=CVE-2017-17485" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2017-12-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:15:33+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1447" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)" }, { "cve": "CVE-2018-1304", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2018-02-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1548289" } ], "notes": [ { "category": "description", "text": "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1304" }, { "category": "external", "summary": "RHBZ#1548289", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1304", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1304" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304" }, { "category": "external", "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85", "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85" }, { "category": "external", "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50", "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50" }, { "category": "external", "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28", "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28" } ], "release_date": "2018-01-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:15:33+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1447" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources" }, { "cve": "CVE-2018-7489", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2018-02-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1549276" } ], "notes": [ { "category": "description", "text": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries", "title": "Vulnerability summary" }, { "category": "other", "text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-7489" }, { "category": "external", "summary": "RHBZ#1549276", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-7489", "url": "https://www.cve.org/CVERecord?id=CVE-2018-7489" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2018-02-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:15:33+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1447" }, { "category": "workaround", "details": "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries" }, { "acknowledgments": [ { "names": [ "Chris McCown" ] } ], "cve": "CVE-2018-8088", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2018-02-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1548909" } ], "notes": [ { "category": "description", "text": "An XML deserialization vulnerability was discovered in slf4j\u0027s EventData, which accepts an XML serialized string and can lead to arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-8088" }, { "category": "external", "summary": "RHBZ#1548909", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-8088", "url": "https://www.cve.org/CVERecord?id=CVE-2018-8088" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088" } ], "release_date": "2018-02-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-05-14T20:15:33+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:1447" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution" } ] }
ghsa-387v-84cv-9qmc
Vulnerability from github
Published
2018-10-18 16:40
Modified
2022-09-17 00:06
Severity ?
Summary
Improper Limitation of a Pathname ('Path Traversal') in org.apache.solr:solr-core
Details
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.
{ "affected": [ { "package": { "ecosystem": "Maven", "name": "org.apache.solr:solr-core" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "5.5.4" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Maven", "name": "org.apache.solr:solr-core" }, "ranges": [ { "events": [ { "introduced": "6.0.0" }, { "fixed": "6.4.1" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2017-3163" ], "database_specific": { "cwe_ids": [ "CWE-22" ], "github_reviewed": true, "github_reviewed_at": "2020-06-16T20:54:26Z", "nvd_published_at": null, "severity": "HIGH" }, "details": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", "id": "GHSA-387v-84cv-9qmc", "modified": "2022-09-17T00:06:46Z", "published": "2018-10-18T16:40:43Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:1447" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:1448" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:1449" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:1450" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:1451" }, { "type": "ADVISORY", "url": "https://github.com/advisories/GHSA-387v-84cv-9qmc" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488@%3Csolr-user.lucene.apache.org%3E" }, { "type": "WEB", "url": "https://www.debian.org/security/2018/dsa-4124" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "type": "CVSS_V3" } ], "summary": "Improper Limitation of a Pathname (\u0027Path Traversal\u0027) in org.apache.solr:solr-core" }
gsd-2017-3163
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2017-3163", "description": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", "id": "GSD-2017-3163", "references": [ "https://www.debian.org/security/2018/dsa-4124", "https://access.redhat.com/errata/RHSA-2018:1451", "https://access.redhat.com/errata/RHSA-2018:1450", "https://access.redhat.com/errata/RHSA-2018:1449", "https://access.redhat.com/errata/RHSA-2018:1448", "https://access.redhat.com/errata/RHSA-2018:1447" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2017-3163" ], "details": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", "id": "GSD-2017-3163", "modified": "2023-12-13T01:21:15.991931Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "DATE_PUBLIC": "2017-02-15T00:00:00", "ID": "CVE-2017-3163", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Apache Solr", "version": { "version_data": [ { "version_value": "1.4.0 to 5.5.3" }, { "version_value": "6.0.0 to 6.4.0" } ] } } ] }, "vendor_name": "Apache Software Foundation" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information Disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2018:1448", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1448" }, { "name": "RHSA-2018:1449", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1449" }, { "name": "RHSA-2018:1450", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1450" }, { "name": "RHSA-2018:1451", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1451" }, { "name": "[solr-user] 20170215 [SECURITY] CVE-2017-3163 Apache Solr ReplicationHandler path traversal attack", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488@%3Csolr-user.lucene.apache.org%3E" }, { "name": "RHSA-2018:1447", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1447" }, { "name": "DSA-4124", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4124" } ] } }, "gitlab.com": { "advisories": [ { "affected_range": "(,5.5.3],[6.0.0,6.0.1],[6.1.0,6.2.1],[6.3.0,6.4.0]", "affected_versions": "All versions up to 5.5.3, all versions starting from 6.0.0 up to 6.0.1, all versions starting from 6.1.0 up to 6.2.1, all versions starting from 6.3.0 up to 6.4.0", "credit": "Hrishikesh Gadre of Cloudra Inc.", "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "cwe_ids": [ "CWE-1035", "CWE-22", "CWE-937" ], "date": "2018-05-17", "description": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name Solr does not validate the file name, hence it is possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.", "fixed_versions": [ "5.5.4", "6.4.1" ], "identifier": "CVE-2017-3163", "identifiers": [ "CVE-2017-3163" ], "not_impacted": "All versions after 5.5.3 before 6.0.0, all versions after 6.0.1 before 6.1.0, all versions after 6.2.1 before 6.3.0, all versions after 6.4.0", "package_slug": "maven/org.apache.solr/solr-core", "pubdate": "2017-08-30", "solution": "Upgrade to versions 5.5.4, 6.4.1 or above.", "title": "Path traversal attack", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2017-3163", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3163", "https://issues.apache.org/jira/browse/SOLR-10031" ], "uuid": "071188ba-0adf-446d-9569-e9acb76bb5ee" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:solr:6.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:solr:6.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:solr:6.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:solr:6.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:solr:6.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "5.5.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:solr:6.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:solr:6.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "ID": "CVE-2017-3163" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-22" } ] } ] }, "references": { "reference_data": [ { "name": "[solr-user] 20170215 [SECURITY] CVE-2017-3163 Apache Solr ReplicationHandler path traversal attack", "refsource": "MLIST", "tags": [ "Mailing List", "Vendor Advisory" ], "url": "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488@%3Csolr-user.lucene.apache.org%3E" }, { "name": "DSA-4124", "refsource": "DEBIAN", "tags": [], "url": "https://www.debian.org/security/2018/dsa-4124" }, { "name": "RHSA-2018:1451", "refsource": "REDHAT", "tags": [], "url": "https://access.redhat.com/errata/RHSA-2018:1451" }, { "name": "RHSA-2018:1450", "refsource": "REDHAT", "tags": [], "url": "https://access.redhat.com/errata/RHSA-2018:1450" }, { "name": "RHSA-2018:1449", "refsource": "REDHAT", "tags": [], "url": "https://access.redhat.com/errata/RHSA-2018:1449" }, { "name": "RHSA-2018:1448", "refsource": "REDHAT", "tags": [], "url": "https://access.redhat.com/errata/RHSA-2018:1448" }, { "name": "RHSA-2018:1447", "refsource": "REDHAT", "tags": [], "url": "https://access.redhat.com/errata/RHSA-2018:1447" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } }, "lastModifiedDate": "2018-05-17T01:29Z", "publishedDate": "2017-08-30T14:29Z" } } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.