Vulnerability-Lookup

CVE-2018-10237 (GCVE-0-2018-10237)

Vulnerability from cvelistv5 – Published: 2018-04-26 21:00 – Updated: 2024-08-05 07:32

Summary

Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.

Severity

No CVSS data available.

CWE

Assigner

mitre

References

53 references

URL	Tags
https://access.redhat.com/errata/RHSA-2018:2428	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2740	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2741	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2742	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2598	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2643	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2424	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2423	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2425	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2927	vendor-advisoryx_refsource_REDHAT
http://www.securitytracker.com/id/1041707	vdb-entryx_refsource_SECTRACK
https://access.redhat.com/errata/RHSA-2018:2743	vendor-advisoryx_refsource_REDHAT
https://lists.apache.org/thread.html/cc48fe770c45…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/19fa48533bc7…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/ff8dcfe29377…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/3ddd79c801ed…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/3d5dbdd92ac9…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/33c6bccfeb7a…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/053d9ce4d579…	mailing-listx_refsource_MLIST
https://access.redhat.com/errata/RHSA-2019:2858	vendor-advisoryx_refsource_REDHAT
https://lists.apache.org/thread.html/b0656d359c7d…	mailing-listx_refsource_MLIST
https://access.redhat.com/errata/RHSA-2019:3149	vendor-advisoryx_refsource_REDHAT
https://lists.apache.org/thread.html/519eb0fd4564…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/f9bc3e55f4e2…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r27eb79a87a7…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r95799427b33…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/rc78f6e84f82…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/ra0adb9653c7…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/rd0c8ec6e044…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r38e2ab87528…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r2ea4e5e5aa8…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r43491b25b2e…	mailing-listx_refsource_MLIST
https://www.oracle.com/security-alerts/cpuapr2020.html	x_refsource_MISC
https://lists.apache.org/thread.html/rc8467f357b9…	mailing-listx_refsource_MLIST
https://www.oracle.com/security-alerts/cpujul2020.html	x_refsource_MISC
https://groups.google.com/d/topic/guava-announce/…	x_refsource_CONFIRM
https://lists.apache.org/thread.html/r02e39d7beb3…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r02e39d7beb3…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r50fc0bcc734…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/rdc56c15693c…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/ra8906723927…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/ra4f44016926…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/rb3da574c34b…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r223bc776a07…	mailing-listx_refsource_MLIST
https://www.oracle.com/security-alerts/cpujan2021.html	x_refsource_MISC
https://lists.apache.org/thread.html/r841c5e14e1b…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r22c8173b804…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r352e40ca987…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r30e7d7b6bfa…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r3c3b33ee5be…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/rd01f5ff0164…	mailing-listx_refsource_MLIST
https://www.oracle.com/security-alerts/cpuoct2021.html	x_refsource_MISC
https://security.netapp.com/advisory/ntap-2022062…	x_refsource_CONFIRM

Date Public

2018-04-26 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:32:01.750Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2018:2428",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2428"
          },
          {
            "name": "RHSA-2018:2740",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2740"
          },
          {
            "name": "RHSA-2018:2741",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2741"
          },
          {
            "name": "RHSA-2018:2742",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2742"
          },
          {
            "name": "RHSA-2018:2598",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2598"
          },
          {
            "name": "RHSA-2018:2643",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2643"
          },
          {
            "name": "RHSA-2018:2424",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2424"
          },
          {
            "name": "RHSA-2018:2423",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2423"
          },
          {
            "name": "RHSA-2018:2425",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2425"
          },
          {
            "name": "RHSA-2018:2927",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2927"
          },
          {
            "name": "1041707",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041707"
          },
          {
            "name": "RHSA-2018:2743",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2743"
          },
          {
            "name": "[hadoop-hdfs-dev] 20190401 Update guava to 27.0-jre in hadoop-project",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/cc48fe770c45a74dc3b37ed0817393e0c96701fc49bc431ed922f3cc%40%3Chdfs-dev.hadoop.apache.org%3E"
          },
          {
            "name": "[hadoop-common-dev] 20190401 Update guava to 27.0-jre in hadoop-project",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/19fa48533bc7ea1accf6b12746a74ed888ae6e49a5cf81ae4f807495%40%3Ccommon-dev.hadoop.apache.org%3E"
          },
          {
            "name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E"
          },
          {
            "name": "[activemq-issues] 20190516 [jira] [Created] (AMQ-7208) Security Issue related to Guava 18.0",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/3ddd79c801edd99c0978e83dbe2168ebd36fd42acfa5dac38fb03dd6%40%3Cissues.activemq.apache.org%3E"
          },
          {
            "name": "[activemq-gitbox] 20190530 [GitHub] [activemq-artemis] brusdev opened a new pull request #2687: ARTEMIS-2359 Upgrade to Guava 24.1",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/3d5dbdd92ac9ceaef90e40f78599f9109f2f345252e0ac9d98e7e084%40%3Cgitbox.activemq.apache.org%3E"
          },
          {
            "name": "[cassandra-commits] 20190612 [jira] [Assigned] (CASSANDRA-14760) CVE-2018-10237 Security vulnerability in 3.11.3",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/33c6bccfeb7adf644d4d79894ca8f09370be6ed4b20632c2e228d085%40%3Ccommits.cassandra.apache.org%3E"
          },
          {
            "name": "[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E"
          },
          {
            "name": "RHSA-2019:2858",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2858"
          },
          {
            "name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E"
          },
          {
            "name": "RHSA-2019:3149",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:3149"
          },
          {
            "name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"
          },
          {
            "name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"
          },
          {
            "name": "[cxf-dev] 20200206 [GitHub] [cxf] davidkarlsen opened a new pull request #638: upgrade guava, CVE-2018-10237",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r27eb79a87a760335226dbfa6a7b7bffea539a535f8e80c41e482106d%40%3Cdev.cxf.apache.org%3E"
          },
          {
            "name": "[cxf-dev] 20200206 [GitHub] [cxf] reta commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r95799427b335807a4c54776908125c3e66597b65845ae50096d9278a%40%3Cdev.cxf.apache.org%3E"
          },
          {
            "name": "[cxf-dev] 20200211 [GitHub] [cxf] coheigea commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rc78f6e84f82cc662860e96526d8ab969f34dbe12dc560e22d9d147a3%40%3Cdev.cxf.apache.org%3E"
          },
          {
            "name": "[kafka-users] 20200413 CVEs for the dependency software guava and rocksdbjni of Kafka",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b%40%3Cusers.kafka.apache.org%3E"
          },
          {
            "name": "[cxf-dev] 20200420 [GitHub] [cxf] coheigea commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rd0c8ec6e044aa2958dd0549ebf8ecead7f5968c9474ba73a504161b2%40%3Cdev.cxf.apache.org%3E"
          },
          {
            "name": "[cxf-dev] 20200420 [GitHub] [cxf] reta commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r38e2ab87528d3c904e7fac496e8fd766b9277656ff95b97d6b6b6dcd%40%3Cdev.cxf.apache.org%3E"
          },
          {
            "name": "[cxf-dev] 20200420 [GitHub] [cxf] andrei-ivanov commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r2ea4e5e5aa8ad73b001a466c582899620961f47d77a40af712c1fdf9%40%3Cdev.cxf.apache.org%3E"
          },
          {
            "name": "[syncope-dev] 20200423 Re: Time to cut 2.1.6 / 2.0.15?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r43491b25b2e5c368c34b106a82eff910a5cea3e90de82ad75cc16540%40%3Cdev.syncope.apache.org%3E"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
          },
          {
            "name": "[hadoop-common-dev] 20200623 Update guava to 27.0-jre in hadoop branch-2.10",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rc8467f357b943ceaa86f289f8bc1a5d1c7955b75d3bac1426f2d4ac1%40%3Ccommon-dev.hadoop.apache.org%3E"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion"
          },
          {
            "name": "[flink-dev] 20200806 Dependency vulnerabilities with Apache Flink 1.10.1 version",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cdev.flink.apache.org%3E"
          },
          {
            "name": "[flink-user] 20200806 Dependency vulnerabilities with Apache Flink 1.10.1 version",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cuser.flink.apache.org%3E"
          },
          {
            "name": "[flink-dev] 20200806 [jira] [Created] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r50fc0bcc734dd82e691d36d209258683141bfc0083739a77e56ad92d%40%3Cdev.flink.apache.org%3E"
          },
          {
            "name": "[flink-issues] 20200806 [jira] [Created] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rdc56c15693c236e31e1e95f847b8e5e74fc0a05741d47488e7fc8c45%40%3Cissues.flink.apache.org%3E"
          },
          {
            "name": "[flink-issues] 20200814 [jira] [Commented] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/ra8906723927aef2a599398c238eacfc845b74d812e0093ec2fc70a7d%40%3Cissues.flink.apache.org%3E"
          },
          {
            "name": "[lucene-issues] 20201022 [jira] [Created] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/ra4f44016926dcb034b3b230280a18102062f94ae55b8a31bb92fed84%40%3Cissues.lucene.apache.org%3E"
          },
          {
            "name": "[lucene-issues] 20201022 [jira] [Updated] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rb3da574c34bc6bd37972d2266af3093b90d7e437460423c24f477919%40%3Cissues.lucene.apache.org%3E"
          },
          {
            "name": "[lucene-issues] 20201022 [jira] [Resolved] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r223bc776a077d0795786c38cbc6e7dd808fce1a9161b00ba9c0a5d55%40%3Cissues.lucene.apache.org%3E"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
          },
          {
            "name": "[maven-issues] 20210122 [GitHub] [maven-indexer] akurtakov opened a new pull request #75: Remove guava dependency from indexer-core",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E"
          },
          {
            "name": "[flink-issues] 20210212 [jira] [Closed] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r22c8173b804cd4a420c43064ba4e363d0022aa421008b1989f7354d4%40%3Cissues.flink.apache.org%3E"
          },
          {
            "name": "[samza-commits] 20210310 [GitHub] [samza] Telesia opened a new pull request #1471: SAMZA-2630: Upgrade dependencies for security fixes",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21%40%3Ccommits.samza.apache.org%3E"
          },
          {
            "name": "[storm-issues] 20210315 [jira] [Created] (STORM-3754) Upgrade Guava version because of security vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r30e7d7b6bfa630dacc41649a0e96dad75165d50474c1241068aa0f94%40%3Cissues.storm.apache.org%3E"
          },
          {
            "name": "[pulsar-commits] 20210406 [GitHub] [pulsar] lhotari opened a new pull request #10149: Upgrade jclouds to 2.3.0 to fix security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E"
          },
          {
            "name": "[arrow-github] 20210610 [GitHub] [arrow] projjal opened a new pull request #10501: ARROW-13032: Update guava version",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20220629-0008/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-04-26T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-06-29T18:07:18.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2018:2428",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2428"
        },
        {
          "name": "RHSA-2018:2740",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2740"
        },
        {
          "name": "RHSA-2018:2741",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2741"
        },
        {
          "name": "RHSA-2018:2742",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2742"
        },
        {
          "name": "RHSA-2018:2598",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2598"
        },
        {
          "name": "RHSA-2018:2643",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2643"
        },
        {
          "name": "RHSA-2018:2424",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2424"
        },
        {
          "name": "RHSA-2018:2423",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2423"
        },
        {
          "name": "RHSA-2018:2425",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2425"
        },
        {
          "name": "RHSA-2018:2927",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2927"
        },
        {
          "name": "1041707",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041707"
        },
        {
          "name": "RHSA-2018:2743",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2743"
        },
        {
          "name": "[hadoop-hdfs-dev] 20190401 Update guava to 27.0-jre in hadoop-project",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/cc48fe770c45a74dc3b37ed0817393e0c96701fc49bc431ed922f3cc%40%3Chdfs-dev.hadoop.apache.org%3E"
        },
        {
          "name": "[hadoop-common-dev] 20190401 Update guava to 27.0-jre in hadoop-project",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/19fa48533bc7ea1accf6b12746a74ed888ae6e49a5cf81ae4f807495%40%3Ccommon-dev.hadoop.apache.org%3E"
        },
        {
          "name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E"
        },
        {
          "name": "[activemq-issues] 20190516 [jira] [Created] (AMQ-7208) Security Issue related to Guava 18.0",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/3ddd79c801edd99c0978e83dbe2168ebd36fd42acfa5dac38fb03dd6%40%3Cissues.activemq.apache.org%3E"
        },
        {
          "name": "[activemq-gitbox] 20190530 [GitHub] [activemq-artemis] brusdev opened a new pull request #2687: ARTEMIS-2359 Upgrade to Guava 24.1",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/3d5dbdd92ac9ceaef90e40f78599f9109f2f345252e0ac9d98e7e084%40%3Cgitbox.activemq.apache.org%3E"
        },
        {
          "name": "[cassandra-commits] 20190612 [jira] [Assigned] (CASSANDRA-14760) CVE-2018-10237 Security vulnerability in 3.11.3",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/33c6bccfeb7adf644d4d79894ca8f09370be6ed4b20632c2e228d085%40%3Ccommits.cassandra.apache.org%3E"
        },
        {
          "name": "[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E"
        },
        {
          "name": "RHSA-2019:2858",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2858"
        },
        {
          "name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E"
        },
        {
          "name": "RHSA-2019:3149",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:3149"
        },
        {
          "name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"
        },
        {
          "name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"
        },
        {
          "name": "[cxf-dev] 20200206 [GitHub] [cxf] davidkarlsen opened a new pull request #638: upgrade guava, CVE-2018-10237",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r27eb79a87a760335226dbfa6a7b7bffea539a535f8e80c41e482106d%40%3Cdev.cxf.apache.org%3E"
        },
        {
          "name": "[cxf-dev] 20200206 [GitHub] [cxf] reta commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r95799427b335807a4c54776908125c3e66597b65845ae50096d9278a%40%3Cdev.cxf.apache.org%3E"
        },
        {
          "name": "[cxf-dev] 20200211 [GitHub] [cxf] coheigea commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rc78f6e84f82cc662860e96526d8ab969f34dbe12dc560e22d9d147a3%40%3Cdev.cxf.apache.org%3E"
        },
        {
          "name": "[kafka-users] 20200413 CVEs for the dependency software guava and rocksdbjni of Kafka",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b%40%3Cusers.kafka.apache.org%3E"
        },
        {
          "name": "[cxf-dev] 20200420 [GitHub] [cxf] coheigea commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rd0c8ec6e044aa2958dd0549ebf8ecead7f5968c9474ba73a504161b2%40%3Cdev.cxf.apache.org%3E"
        },
        {
          "name": "[cxf-dev] 20200420 [GitHub] [cxf] reta commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r38e2ab87528d3c904e7fac496e8fd766b9277656ff95b97d6b6b6dcd%40%3Cdev.cxf.apache.org%3E"
        },
        {
          "name": "[cxf-dev] 20200420 [GitHub] [cxf] andrei-ivanov commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r2ea4e5e5aa8ad73b001a466c582899620961f47d77a40af712c1fdf9%40%3Cdev.cxf.apache.org%3E"
        },
        {
          "name": "[syncope-dev] 20200423 Re: Time to cut 2.1.6 / 2.0.15?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r43491b25b2e5c368c34b106a82eff910a5cea3e90de82ad75cc16540%40%3Cdev.syncope.apache.org%3E"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
        },
        {
          "name": "[hadoop-common-dev] 20200623 Update guava to 27.0-jre in hadoop branch-2.10",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rc8467f357b943ceaa86f289f8bc1a5d1c7955b75d3bac1426f2d4ac1%40%3Ccommon-dev.hadoop.apache.org%3E"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion"
        },
        {
          "name": "[flink-dev] 20200806 Dependency vulnerabilities with Apache Flink 1.10.1 version",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cdev.flink.apache.org%3E"
        },
        {
          "name": "[flink-user] 20200806 Dependency vulnerabilities with Apache Flink 1.10.1 version",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cuser.flink.apache.org%3E"
        },
        {
          "name": "[flink-dev] 20200806 [jira] [Created] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r50fc0bcc734dd82e691d36d209258683141bfc0083739a77e56ad92d%40%3Cdev.flink.apache.org%3E"
        },
        {
          "name": "[flink-issues] 20200806 [jira] [Created] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rdc56c15693c236e31e1e95f847b8e5e74fc0a05741d47488e7fc8c45%40%3Cissues.flink.apache.org%3E"
        },
        {
          "name": "[flink-issues] 20200814 [jira] [Commented] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/ra8906723927aef2a599398c238eacfc845b74d812e0093ec2fc70a7d%40%3Cissues.flink.apache.org%3E"
        },
        {
          "name": "[lucene-issues] 20201022 [jira] [Created] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/ra4f44016926dcb034b3b230280a18102062f94ae55b8a31bb92fed84%40%3Cissues.lucene.apache.org%3E"
        },
        {
          "name": "[lucene-issues] 20201022 [jira] [Updated] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rb3da574c34bc6bd37972d2266af3093b90d7e437460423c24f477919%40%3Cissues.lucene.apache.org%3E"
        },
        {
          "name": "[lucene-issues] 20201022 [jira] [Resolved] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r223bc776a077d0795786c38cbc6e7dd808fce1a9161b00ba9c0a5d55%40%3Cissues.lucene.apache.org%3E"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
        },
        {
          "name": "[maven-issues] 20210122 [GitHub] [maven-indexer] akurtakov opened a new pull request #75: Remove guava dependency from indexer-core",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E"
        },
        {
          "name": "[flink-issues] 20210212 [jira] [Closed] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r22c8173b804cd4a420c43064ba4e363d0022aa421008b1989f7354d4%40%3Cissues.flink.apache.org%3E"
        },
        {
          "name": "[samza-commits] 20210310 [GitHub] [samza] Telesia opened a new pull request #1471: SAMZA-2630: Upgrade dependencies for security fixes",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21%40%3Ccommits.samza.apache.org%3E"
        },
        {
          "name": "[storm-issues] 20210315 [jira] [Created] (STORM-3754) Upgrade Guava version because of security vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r30e7d7b6bfa630dacc41649a0e96dad75165d50474c1241068aa0f94%40%3Cissues.storm.apache.org%3E"
        },
        {
          "name": "[pulsar-commits] 20210406 [GitHub] [pulsar] lhotari opened a new pull request #10149: Upgrade jclouds to 2.3.0 to fix security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E"
        },
        {
          "name": "[arrow-github] 20210610 [GitHub] [arrow] projjal opened a new pull request #10501: ARROW-13032: Update guava version",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20220629-0008/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-10237",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2018:2428",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2428"
            },
            {
              "name": "RHSA-2018:2740",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2740"
            },
            {
              "name": "RHSA-2018:2741",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2741"
            },
            {
              "name": "RHSA-2018:2742",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2742"
            },
            {
              "name": "RHSA-2018:2598",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2598"
            },
            {
              "name": "RHSA-2018:2643",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2643"
            },
            {
              "name": "RHSA-2018:2424",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2424"
            },
            {
              "name": "RHSA-2018:2423",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2423"
            },
            {
              "name": "RHSA-2018:2425",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2425"
            },
            {
              "name": "RHSA-2018:2927",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2927"
            },
            {
              "name": "1041707",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041707"
            },
            {
              "name": "RHSA-2018:2743",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2743"
            },
            {
              "name": "[hadoop-hdfs-dev] 20190401 Update guava to 27.0-jre in hadoop-project",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/cc48fe770c45a74dc3b37ed0817393e0c96701fc49bc431ed922f3cc@%3Chdfs-dev.hadoop.apache.org%3E"
            },
            {
              "name": "[hadoop-common-dev] 20190401 Update guava to 27.0-jre in hadoop-project",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/19fa48533bc7ea1accf6b12746a74ed888ae6e49a5cf81ae4f807495@%3Ccommon-dev.hadoop.apache.org%3E"
            },
            {
              "name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E"
            },
            {
              "name": "[activemq-issues] 20190516 [jira] [Created] (AMQ-7208) Security Issue related to Guava 18.0",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/3ddd79c801edd99c0978e83dbe2168ebd36fd42acfa5dac38fb03dd6@%3Cissues.activemq.apache.org%3E"
            },
            {
              "name": "[activemq-gitbox] 20190530 [GitHub] [activemq-artemis] brusdev opened a new pull request #2687: ARTEMIS-2359 Upgrade to Guava 24.1",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/3d5dbdd92ac9ceaef90e40f78599f9109f2f345252e0ac9d98e7e084@%3Cgitbox.activemq.apache.org%3E"
            },
            {
              "name": "[cassandra-commits] 20190612 [jira] [Assigned] (CASSANDRA-14760) CVE-2018-10237 Security vulnerability in 3.11.3",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/33c6bccfeb7adf644d4d79894ca8f09370be6ed4b20632c2e228d085@%3Ccommits.cassandra.apache.org%3E"
            },
            {
              "name": "[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E"
            },
            {
              "name": "RHSA-2019:2858",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2858"
            },
            {
              "name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E"
            },
            {
              "name": "RHSA-2019:3149",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:3149"
            },
            {
              "name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
            },
            {
              "name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
            },
            {
              "name": "[cxf-dev] 20200206 [GitHub] [cxf] davidkarlsen opened a new pull request #638: upgrade guava, CVE-2018-10237",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r27eb79a87a760335226dbfa6a7b7bffea539a535f8e80c41e482106d@%3Cdev.cxf.apache.org%3E"
            },
            {
              "name": "[cxf-dev] 20200206 [GitHub] [cxf] reta commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r95799427b335807a4c54776908125c3e66597b65845ae50096d9278a@%3Cdev.cxf.apache.org%3E"
            },
            {
              "name": "[cxf-dev] 20200211 [GitHub] [cxf] coheigea commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rc78f6e84f82cc662860e96526d8ab969f34dbe12dc560e22d9d147a3@%3Cdev.cxf.apache.org%3E"
            },
            {
              "name": "[kafka-users] 20200413 CVEs for the dependency software guava and rocksdbjni of Kafka",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E"
            },
            {
              "name": "[cxf-dev] 20200420 [GitHub] [cxf] coheigea commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rd0c8ec6e044aa2958dd0549ebf8ecead7f5968c9474ba73a504161b2@%3Cdev.cxf.apache.org%3E"
            },
            {
              "name": "[cxf-dev] 20200420 [GitHub] [cxf] reta commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r38e2ab87528d3c904e7fac496e8fd766b9277656ff95b97d6b6b6dcd@%3Cdev.cxf.apache.org%3E"
            },
            {
              "name": "[cxf-dev] 20200420 [GitHub] [cxf] andrei-ivanov commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r2ea4e5e5aa8ad73b001a466c582899620961f47d77a40af712c1fdf9@%3Cdev.cxf.apache.org%3E"
            },
            {
              "name": "[syncope-dev] 20200423 Re: Time to cut 2.1.6 / 2.0.15?",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r43491b25b2e5c368c34b106a82eff910a5cea3e90de82ad75cc16540@%3Cdev.syncope.apache.org%3E"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
            },
            {
              "name": "[hadoop-common-dev] 20200623 Update guava to 27.0-jre in hadoop branch-2.10",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rc8467f357b943ceaa86f289f8bc1a5d1c7955b75d3bac1426f2d4ac1@%3Ccommon-dev.hadoop.apache.org%3E"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujul2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
            },
            {
              "name": "https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion",
              "refsource": "CONFIRM",
              "url": "https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion"
            },
            {
              "name": "[flink-dev] 20200806 Dependency vulnerabilities with Apache Flink 1.10.1 version",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb@%3Cdev.flink.apache.org%3E"
            },
            {
              "name": "[flink-user] 20200806 Dependency vulnerabilities with Apache Flink 1.10.1 version",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb@%3Cuser.flink.apache.org%3E"
            },
            {
              "name": "[flink-dev] 20200806 [jira] [Created] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r50fc0bcc734dd82e691d36d209258683141bfc0083739a77e56ad92d@%3Cdev.flink.apache.org%3E"
            },
            {
              "name": "[flink-issues] 20200806 [jira] [Created] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rdc56c15693c236e31e1e95f847b8e5e74fc0a05741d47488e7fc8c45@%3Cissues.flink.apache.org%3E"
            },
            {
              "name": "[flink-issues] 20200814 [jira] [Commented] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/ra8906723927aef2a599398c238eacfc845b74d812e0093ec2fc70a7d@%3Cissues.flink.apache.org%3E"
            },
            {
              "name": "[lucene-issues] 20201022 [jira] [Created] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/ra4f44016926dcb034b3b230280a18102062f94ae55b8a31bb92fed84@%3Cissues.lucene.apache.org%3E"
            },
            {
              "name": "[lucene-issues] 20201022 [jira] [Updated] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rb3da574c34bc6bd37972d2266af3093b90d7e437460423c24f477919@%3Cissues.lucene.apache.org%3E"
            },
            {
              "name": "[lucene-issues] 20201022 [jira] [Resolved] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r223bc776a077d0795786c38cbc6e7dd808fce1a9161b00ba9c0a5d55@%3Cissues.lucene.apache.org%3E"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
            },
            {
              "name": "[maven-issues] 20210122 [GitHub] [maven-indexer] akurtakov opened a new pull request #75: Remove guava dependency from indexer-core",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E"
            },
            {
              "name": "[flink-issues] 20210212 [jira] [Closed] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r22c8173b804cd4a420c43064ba4e363d0022aa421008b1989f7354d4@%3Cissues.flink.apache.org%3E"
            },
            {
              "name": "[samza-commits] 20210310 [GitHub] [samza] Telesia opened a new pull request #1471: SAMZA-2630: Upgrade dependencies for security fixes",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21@%3Ccommits.samza.apache.org%3E"
            },
            {
              "name": "[storm-issues] 20210315 [jira] [Created] (STORM-3754) Upgrade Guava version because of security vulnerability",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r30e7d7b6bfa630dacc41649a0e96dad75165d50474c1241068aa0f94@%3Cissues.storm.apache.org%3E"
            },
            {
              "name": "[pulsar-commits] 20210406 [GitHub] [pulsar] lhotari opened a new pull request #10149: Upgrade jclouds to 2.3.0 to fix security vulnerabilities",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E"
            },
            {
              "name": "[arrow-github] 20210610 [GitHub] [arrow] projjal opened a new pull request #10501: ARROW-13032: Update guava version",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20220629-0008/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20220629-0008/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-10237",
    "datePublished": "2018-04-26T21:00:00.000Z",
    "dateReserved": "2018-04-20T00:00:00.000Z",
    "dateUpdated": "2024-08-05T07:32:01.750Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2018-10237",
      "date": "2026-05-27",
      "epss": "0.03259",
      "percentile": "0.87323"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:google:guava:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.0\", \"versionEndExcluding\": \"24.1.1\", \"matchCriteriaId\": \"4FD69F7A-64FF-4993-8DB5-072403998803\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F87326E-0B56-4356-A889-73D026DB1D4B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"704CFA1A-953E-4105-BFBE-406034B83DED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:satellite:6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB283C80-F7AF-4776-8432-655E50D7D65B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:satellite_capsule:6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"461407B5-C167-4DE1-A934-FD5ADFB4AD4E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:virtualization:4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8C66E6D-8AD2-4709-BD18-ED9EAF9D8546\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB28F9AF-3D06-4532-B397-96D7E4792503\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B142ACCC-F7A9-4A3B-BE60-0D6691D5058D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1ABA871-3271-48E2-A69C-5AD70AF94E53\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"868C0845-F25C-487F-A697-72917BE9D78E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"064E7BDD-4EF0-4A0D-A38D-8C75BAFEDCEF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6BBD7A51-0590-4DDF-8249-5AFA8D645CB6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB28F9AF-3D06-4532-B397-96D7E4792503\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B142ACCC-F7A9-4A3B-BE60-0D6691D5058D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1ABA871-3271-48E2-A69C-5AD70AF94E53\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D8B549B-E57B-4DFE-8A13-CAB06B5356B3\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B142ACCC-F7A9-4A3B-BE60-0D6691D5058D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1ABA871-3271-48E2-A69C-5AD70AF94E53\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"868C0845-F25C-487F-A697-72917BE9D78E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:banking_payments:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.4.0\", \"matchCriteriaId\": \"2FF46C9A-7768-4E52-A676-BEA6AE766AD4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_ip_service_activator:7.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE48E0FE-5931-441C-B4FF-253BD9C48186\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE7A60DB-A287-4E61-8131-B6314007191B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"727DF4F5-3D21-491E-96B9-EC973A6C9C18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:database_server:12.2.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C614BA7-7103-4ED7-ADD0-56064FE256A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:database_server:18c:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6833701E-5510-4180-9523-9CFD318DEE6A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:database_server:19c:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2204841-585F-40C7-A1D9-C34E612808CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:flexcube_investor_servicing:12.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"21BE77B2-6368-470E-B9E6-21664D9A818A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:flexcube_investor_servicing:12.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3250073F-325A-4AFC-892F-F2005E3854A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0DDDC9C2-33D6-4123-9ABC-C9B809A6E88E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:flexcube_investor_servicing:14.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"991A279B-9D7C-4E39-8827-BC21C2C03B83\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:flexcube_investor_servicing:14.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A69266D2-72D0-4A6C-883D-2597FE30931B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6762F207-93C7-4363-B2F9-7A7C6F8AF993\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B74B912-152D-4F38-9FC1-741D6D0B27FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"42064F46-3012-4FB1-89BA-F13C2E4CBB6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_integration_bus:16.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F73E2EFA-0F43-4D92-8C7D-9E66811B76D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0ED83E3-E6BF-4EAA-AF8F-33485A88A218\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11DA6839-849D-4CEF-85F3-38FE75E07183\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BCE78490-A4BE-40BD-8C72-0A4526BBD4A4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"55AE3629-4A66-49E4-A33D-6D81CC94962F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F14A818F-AA16-4438-A3E4-E64C9287AC66\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.\"}, {\"lang\": \"es\", \"value\": \"Asignaci\\u00f3n de memoria sin restringir en Google Guava 11.0 hasta las versiones 24.x anteriores a la 24.1.1 permite que los atacantes remotos realicen ataques de denegaci\\u00f3n de servicio (DoS) contra servidores que dependen de esta librer\\u00eda y que deserialicen datos proporcionados por dichos atacantes debido a que la clase AtomicDoubleArray (cuando se serializa con serializaci\\u00f3n Java) y la clase CompoundOrdering (cuando se serializa con serializaci\\u00f3n GWT) realiza una asignaci\\u00f3n sin comprobar adecuadamente lo que ha enviado un cliente y si el tama\\u00f1o de los datos es razonable.\"}]",
      "id": "CVE-2018-10237",
      "lastModified": "2024-11-21T03:41:04.663",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.9, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:N/A:P\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-04-26T21:29:00.230",
      "references": "[{\"url\": \"http://www.securitytracker.com/id/1041707\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2423\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2424\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2425\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2428\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2598\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2643\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2740\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2741\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2742\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2743\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2927\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:2858\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3149\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/19fa48533bc7ea1accf6b12746a74ed888ae6e49a5cf81ae4f807495%40%3Ccommon-dev.hadoop.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/33c6bccfeb7adf644d4d79894ca8f09370be6ed4b20632c2e228d085%40%3Ccommits.cassandra.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/3d5dbdd92ac9ceaef90e40f78599f9109f2f345252e0ac9d98e7e084%40%3Cgitbox.activemq.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/3ddd79c801edd99c0978e83dbe2168ebd36fd42acfa5dac38fb03dd6%40%3Cissues.activemq.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/cc48fe770c45a74dc3b37ed0817393e0c96701fc49bc431ed922f3cc%40%3Chdfs-dev.hadoop.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cdev.flink.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cuser.flink.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r223bc776a077d0795786c38cbc6e7dd808fce1a9161b00ba9c0a5d55%40%3Cissues.lucene.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r22c8173b804cd4a420c43064ba4e363d0022aa421008b1989f7354d4%40%3Cissues.flink.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r27eb79a87a760335226dbfa6a7b7bffea539a535f8e80c41e482106d%40%3Cdev.cxf.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r2ea4e5e5aa8ad73b001a466c582899620961f47d77a40af712c1fdf9%40%3Cdev.cxf.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r30e7d7b6bfa630dacc41649a0e96dad75165d50474c1241068aa0f94%40%3Cissues.storm.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21%40%3Ccommits.samza.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r38e2ab87528d3c904e7fac496e8fd766b9277656ff95b97d6b6b6dcd%40%3Cdev.cxf.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r43491b25b2e5c368c34b106a82eff910a5cea3e90de82ad75cc16540%40%3Cdev.syncope.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r50fc0bcc734dd82e691d36d209258683141bfc0083739a77e56ad92d%40%3Cdev.flink.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r95799427b335807a4c54776908125c3e66597b65845ae50096d9278a%40%3Cdev.cxf.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b%40%3Cusers.kafka.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/ra4f44016926dcb034b3b230280a18102062f94ae55b8a31bb92fed84%40%3Cissues.lucene.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/ra8906723927aef2a599398c238eacfc845b74d812e0093ec2fc70a7d%40%3Cissues.flink.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rb3da574c34bc6bd37972d2266af3093b90d7e437460423c24f477919%40%3Cissues.lucene.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rc78f6e84f82cc662860e96526d8ab969f34dbe12dc560e22d9d147a3%40%3Cdev.cxf.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rc8467f357b943ceaa86f289f8bc1a5d1c7955b75d3bac1426f2d4ac1%40%3Ccommon-dev.hadoop.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rd0c8ec6e044aa2958dd0549ebf8ecead7f5968c9474ba73a504161b2%40%3Cdev.cxf.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rdc56c15693c236e31e1e95f847b8e5e74fc0a05741d47488e7fc8c45%40%3Cissues.flink.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220629-0008/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2020.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2021.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2020.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2021.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1041707\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2423\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2424\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2425\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2428\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2598\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2643\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2740\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2741\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2742\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2743\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2927\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:2858\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3149\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/19fa48533bc7ea1accf6b12746a74ed888ae6e49a5cf81ae4f807495%40%3Ccommon-dev.hadoop.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/33c6bccfeb7adf644d4d79894ca8f09370be6ed4b20632c2e228d085%40%3Ccommits.cassandra.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/3d5dbdd92ac9ceaef90e40f78599f9109f2f345252e0ac9d98e7e084%40%3Cgitbox.activemq.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/3ddd79c801edd99c0978e83dbe2168ebd36fd42acfa5dac38fb03dd6%40%3Cissues.activemq.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/cc48fe770c45a74dc3b37ed0817393e0c96701fc49bc431ed922f3cc%40%3Chdfs-dev.hadoop.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cdev.flink.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cuser.flink.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r223bc776a077d0795786c38cbc6e7dd808fce1a9161b00ba9c0a5d55%40%3Cissues.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r22c8173b804cd4a420c43064ba4e363d0022aa421008b1989f7354d4%40%3Cissues.flink.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r27eb79a87a760335226dbfa6a7b7bffea539a535f8e80c41e482106d%40%3Cdev.cxf.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r2ea4e5e5aa8ad73b001a466c582899620961f47d77a40af712c1fdf9%40%3Cdev.cxf.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r30e7d7b6bfa630dacc41649a0e96dad75165d50474c1241068aa0f94%40%3Cissues.storm.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21%40%3Ccommits.samza.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r38e2ab87528d3c904e7fac496e8fd766b9277656ff95b97d6b6b6dcd%40%3Cdev.cxf.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r43491b25b2e5c368c34b106a82eff910a5cea3e90de82ad75cc16540%40%3Cdev.syncope.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r50fc0bcc734dd82e691d36d209258683141bfc0083739a77e56ad92d%40%3Cdev.flink.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r95799427b335807a4c54776908125c3e66597b65845ae50096d9278a%40%3Cdev.cxf.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b%40%3Cusers.kafka.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/ra4f44016926dcb034b3b230280a18102062f94ae55b8a31bb92fed84%40%3Cissues.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/ra8906723927aef2a599398c238eacfc845b74d812e0093ec2fc70a7d%40%3Cissues.flink.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rb3da574c34bc6bd37972d2266af3093b90d7e437460423c24f477919%40%3Cissues.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rc78f6e84f82cc662860e96526d8ab969f34dbe12dc560e22d9d147a3%40%3Cdev.cxf.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rc8467f357b943ceaa86f289f8bc1a5d1c7955b75d3bac1426f2d4ac1%40%3Ccommon-dev.hadoop.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rd0c8ec6e044aa2958dd0549ebf8ecead7f5968c9474ba73a504161b2%40%3Cdev.cxf.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rdc56c15693c236e31e1e95f847b8e5e74fc0a05741d47488e7fc8c45%40%3Cissues.flink.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220629-0008/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2020.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2021.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2020.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2021.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-770\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-10237\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-04-26T21:29:00.230\",\"lastModified\":\"2024-11-21T03:41:04.663\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.\"},{\"lang\":\"es\",\"value\":\"Asignaci\u00f3n de memoria sin restringir en Google Guava 11.0 hasta las versiones 24.x anteriores a la 24.1.1 permite que los atacantes remotos realicen ataques de denegaci\u00f3n de servicio (DoS) contra servidores que dependen de esta librer\u00eda y que deserialicen datos proporcionados por dichos atacantes debido a que la clase AtomicDoubleArray (cuando se serializa con serializaci\u00f3n Java) y la clase CompoundOrdering (cuando se serializa con serializaci\u00f3n GWT) realiza una asignaci\u00f3n sin comprobar adecuadamente lo que ha enviado un cliente y si el tama\u00f1o de los datos es razonable.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:guava:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0\",\"versionEndExcluding\":\"24.1.1\",\"matchCriteriaId\":\"4FD69F7A-64FF-4993-8DB5-072403998803\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F87326E-0B56-4356-A889-73D026DB1D4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"704CFA1A-953E-4105-BFBE-406034B83DED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:satellite:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB283C80-F7AF-4776-8432-655E50D7D65B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:satellite_capsule:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"461407B5-C167-4DE1-A934-FD5ADFB4AD4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:virtualization:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8C66E6D-8AD2-4709-BD18-ED9EAF9D8546\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB28F9AF-3D06-4532-B397-96D7E4792503\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B142ACCC-F7A9-4A3B-BE60-0D6691D5058D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1ABA871-3271-48E2-A69C-5AD70AF94E53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"868C0845-F25C-487F-A697-72917BE9D78E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"064E7BDD-4EF0-4A0D-A38D-8C75BAFEDCEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BBD7A51-0590-4DDF-8249-5AFA8D645CB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB28F9AF-3D06-4532-B397-96D7E4792503\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B142ACCC-F7A9-4A3B-BE60-0D6691D5058D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1ABA871-3271-48E2-A69C-5AD70AF94E53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D8B549B-E57B-4DFE-8A13-CAB06B5356B3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B142ACCC-F7A9-4A3B-BE60-0D6691D5058D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1ABA871-3271-48E2-A69C-5AD70AF94E53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"868C0845-F25C-487F-A697-72917BE9D78E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_payments:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.4.0\",\"matchCriteriaId\":\"2FF46C9A-7768-4E52-A676-BEA6AE766AD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_ip_service_activator:7.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE48E0FE-5931-441C-B4FF-253BD9C48186\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE7A60DB-A287-4E61-8131-B6314007191B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"727DF4F5-3D21-491E-96B9-EC973A6C9C18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_server:12.2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C614BA7-7103-4ED7-ADD0-56064FE256A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_server:18c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6833701E-5510-4180-9523-9CFD318DEE6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_server:19c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2204841-585F-40C7-A1D9-C34E612808CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_investor_servicing:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21BE77B2-6368-470E-B9E6-21664D9A818A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_investor_servicing:12.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3250073F-325A-4AFC-892F-F2005E3854A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DDDC9C2-33D6-4123-9ABC-C9B809A6E88E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_investor_servicing:14.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"991A279B-9D7C-4E39-8827-BC21C2C03B83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_investor_servicing:14.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A69266D2-72D0-4A6C-883D-2597FE30931B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6762F207-93C7-4363-B2F9-7A7C6F8AF993\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B74B912-152D-4F38-9FC1-741D6D0B27FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42064F46-3012-4FB1-89BA-F13C2E4CBB6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_integration_bus:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F73E2EFA-0F43-4D92-8C7D-9E66811B76D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0ED83E3-E6BF-4EAA-AF8F-33485A88A218\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11DA6839-849D-4CEF-85F3-38FE75E07183\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCE78490-A4BE-40BD-8C72-0A4526BBD4A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55AE3629-4A66-49E4-A33D-6D81CC94962F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F14A818F-AA16-4438-A3E4-E64C9287AC66\"}]}]}],\"references\":[{\"url\":\"http://www.securitytracker.com/id/1041707\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2423\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2424\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2425\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2428\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2598\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2643\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2740\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2741\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2742\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2743\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2927\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2858\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3149\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/19fa48533bc7ea1accf6b12746a74ed888ae6e49a5cf81ae4f807495%40%3Ccommon-dev.hadoop.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/33c6bccfeb7adf644d4d79894ca8f09370be6ed4b20632c2e228d085%40%3Ccommits.cassandra.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/3d5dbdd92ac9ceaef90e40f78599f9109f2f345252e0ac9d98e7e084%40%3Cgitbox.activemq.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/3ddd79c801edd99c0978e83dbe2168ebd36fd42acfa5dac38fb03dd6%40%3Cissues.activemq.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/cc48fe770c45a74dc3b37ed0817393e0c96701fc49bc431ed922f3cc%40%3Chdfs-dev.hadoop.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cdev.flink.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cuser.flink.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/r223bc776a077d0795786c38cbc6e7dd808fce1a9161b00ba9c0a5d55%40%3Cissues.lucene.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/r22c8173b804cd4a420c43064ba4e363d0022aa421008b1989f7354d4%40%3Cissues.flink.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/r27eb79a87a760335226dbfa6a7b7bffea539a535f8e80c41e482106d%40%3Cdev.cxf.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/r2ea4e5e5aa8ad73b001a466c582899620961f47d77a40af712c1fdf9%40%3Cdev.cxf.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/r30e7d7b6bfa630dacc41649a0e96dad75165d50474c1241068aa0f94%40%3Cissues.storm.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21%40%3Ccommits.samza.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/r38e2ab87528d3c904e7fac496e8fd766b9277656ff95b97d6b6b6dcd%40%3Cdev.cxf.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/r43491b25b2e5c368c34b106a82eff910a5cea3e90de82ad75cc16540%40%3Cdev.syncope.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/r50fc0bcc734dd82e691d36d209258683141bfc0083739a77e56ad92d%40%3Cdev.flink.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/r95799427b335807a4c54776908125c3e66597b65845ae50096d9278a%40%3Cdev.cxf.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b%40%3Cusers.kafka.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/ra4f44016926dcb034b3b230280a18102062f94ae55b8a31bb92fed84%40%3Cissues.lucene.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/ra8906723927aef2a599398c238eacfc845b74d812e0093ec2fc70a7d%40%3Cissues.flink.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/rb3da574c34bc6bd37972d2266af3093b90d7e437460423c24f477919%40%3Cissues.lucene.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/rc78f6e84f82cc662860e96526d8ab969f34dbe12dc560e22d9d147a3%40%3Cdev.cxf.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/rc8467f357b943ceaa86f289f8bc1a5d1c7955b75d3bac1426f2d4ac1%40%3Ccommon-dev.hadoop.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/rd0c8ec6e044aa2958dd0549ebf8ecead7f5968c9474ba73a504161b2%40%3Cdev.cxf.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/rdc56c15693c236e31e1e95f847b8e5e74fc0a05741d47488e7fc8c45%40%3Cissues.flink.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20220629-0008/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1041707\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2423\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2424\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2425\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2428\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2598\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2643\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2740\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2741\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2742\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2743\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2927\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2858\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3149\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/19fa48533bc7ea1accf6b12746a74ed888ae6e49a5cf81ae4f807495%40%3Ccommon-dev.hadoop.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/33c6bccfeb7adf644d4d79894ca8f09370be6ed4b20632c2e228d085%40%3Ccommits.cassandra.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/3d5dbdd92ac9ceaef90e40f78599f9109f2f345252e0ac9d98e7e084%40%3Cgitbox.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/3ddd79c801edd99c0978e83dbe2168ebd36fd42acfa5dac38fb03dd6%40%3Cissues.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/cc48fe770c45a74dc3b37ed0817393e0c96701fc49bc431ed922f3cc%40%3Chdfs-dev.hadoop.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cdev.flink.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cuser.flink.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r223bc776a077d0795786c38cbc6e7dd808fce1a9161b00ba9c0a5d55%40%3Cissues.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r22c8173b804cd4a420c43064ba4e363d0022aa421008b1989f7354d4%40%3Cissues.flink.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r27eb79a87a760335226dbfa6a7b7bffea539a535f8e80c41e482106d%40%3Cdev.cxf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r2ea4e5e5aa8ad73b001a466c582899620961f47d77a40af712c1fdf9%40%3Cdev.cxf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r30e7d7b6bfa630dacc41649a0e96dad75165d50474c1241068aa0f94%40%3Cissues.storm.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21%40%3Ccommits.samza.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r38e2ab87528d3c904e7fac496e8fd766b9277656ff95b97d6b6b6dcd%40%3Cdev.cxf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r43491b25b2e5c368c34b106a82eff910a5cea3e90de82ad75cc16540%40%3Cdev.syncope.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r50fc0bcc734dd82e691d36d209258683141bfc0083739a77e56ad92d%40%3Cdev.flink.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r95799427b335807a4c54776908125c3e66597b65845ae50096d9278a%40%3Cdev.cxf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b%40%3Cusers.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/ra4f44016926dcb034b3b230280a18102062f94ae55b8a31bb92fed84%40%3Cissues.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/ra8906723927aef2a599398c238eacfc845b74d812e0093ec2fc70a7d%40%3Cissues.flink.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rb3da574c34bc6bd37972d2266af3093b90d7e437460423c24f477919%40%3Cissues.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rc78f6e84f82cc662860e96526d8ab969f34dbe12dc560e22d9d147a3%40%3Cdev.cxf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rc8467f357b943ceaa86f289f8bc1a5d1c7955b75d3bac1426f2d4ac1%40%3Ccommon-dev.hadoop.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rd0c8ec6e044aa2958dd0549ebf8ecead7f5968c9474ba73a504161b2%40%3Cdev.cxf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rdc56c15693c236e31e1e95f847b8e5e74fc0a05741d47488e7fc8c45%40%3Cissues.flink.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20220629-0008/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
  }
}

CERTFR-2026-AVI-0556

Vulnerability from certfr_avis - Published: 2026-05-11 - Updated: 2026-05-11

De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
VMware	Tanzu	Tanzu RabbitMQ on Kubernetes versions 31.3.x antérieures à 3.13.15
VMware	Tanzu Greenplum	Tanzu Greenplum Streaming Server For Kubernetes versions antérieures à 1.3.0
VMware	Tanzu	Tanzu Data Flow on Kubernetes versions antérieures à 2.1.0
VMware	Tanzu	Tanzu RabbitMQ on Kubernetes versions 4.0.x antérieures à 4.0.20
VMware	Tanzu Greenplum	Tanzu Greenplum Backup and Restore versions antérieures à1.33.0
VMware	Tanzu Greenplum	Tanzu Greenplum Data Copy Utility versions antérieures à 2.9.3
VMware	Tanzu	Tanzu for Valkey on Kubernetes versions antérieures à 3.3.4
VMware	Tanzu Greenplum	Tanzu Greenplum Command Center versions 6.17.x antérieures à 6.17.0
VMware	Tanzu Greenplum	Tanzu Greenplum on Kubernetes versions antérieures à 1.1.0
VMware	Tanzu Greenplum	Tanzu Greenplum Platform Extension Framework versions antérieures à 8.0.0
VMware	Tanzu	Tanzu RabbitMQ on Kubernetes versions 4.2.x antérieures à 4.2.6
VMware	Tanzu Greenplum	Tanzu Greenplum Text versions antérieures à 4.0.0
VMware	Tanzu Greenplum	Tanzu Greenplum Streaming Server versions antérieures à 2.3.0
VMware	Tanzu	Tanzu RabbitMQ on Kubernetes versions 4.3.x antérieures à 4.3.0
VMware	Tanzu	Tanzu for Valkey on Kubernetes versions antérieures à 3.4.0
VMware	Tanzu Gemfire	Tanzu GemFire versions antérieures à 10.2.3
VMware	Tanzu Greenplum	Tanzu Greenplum Upgrade versions antérieures à 2.0.0
VMware	Tanzu Greenplum	Tanzu Greenplumversions antérieures à 7.8.0
VMware	Tanzu Gemfire	Tanzu GemFire Vector Database versions antérieures à 1.2.2
VMware	Tanzu Greenplum	Tanzu Greenplum versions antérieures à 6.33.0
VMware	Tanzu Greenplum	Tanzu Greenplum Command Center versions 7.7.x antérieures à 7.7.0
VMware	Tanzu	Tanzu RabbitMQ on Kubernetes versions 4.1.x antérieures à 4.1.11
VMware	Tanzu	Tanzu for MySQL on Kubernetes versions antérieures à 2.0.3

References

Title

Publication Time

cleanstart-2026-rn56220

Vulnerability from cleanstart

Published

2026-05-18 13:26

Modified

2026-05-12 18:00

Summary

Security fixes for CVE-2015-3254, CVE-2018-10237, CVE-2018-11798, CVE-2018-1320, CVE-2018-20200, CVE-2019-0205, CVE-2020-8908, CVE-2021-0341, CVE-2021-41973, CVE-2022-1471, CVE-2022-24823, CVE-2022-3171, CVE-2022-3509, CVE-2022-3510, CVE-2022-41881, CVE-2023-2976, CVE-2023-34462, CVE-2023-44487, CVE-2023-46120, CVE-2024-13009, CVE-2024-29025, CVE-2024-40094, CVE-2024-47535, CVE-2024-6763, CVE-2024-7254, CVE-2025-11143, CVE-2025-25193, CVE-2025-46392, CVE-2025-48734, CVE-2025-48924, CVE-2025-53864, CVE-2025-55163, CVE-2025-58056, CVE-2025-58057, CVE-2025-59419, CVE-2025-67735, CVE-2026-1225, CVE-2026-21452, CVE-2026-27315, CVE-2026-32588, CVE-2026-33870, CVE-2026-33871, CVE-2026-41409, CVE-2026-41417, CVE-2026-41635, CVE-2026-42578, CVE-2026-42579, CVE-2026-42580, CVE-2026-42581, CVE-2026-42583, CVE-2026-42584, CVE-2026-42585, CVE-2026-42586, CVE-2026-42587, CVE-2026-42778, CVE-2026-42779, CVE-2026-44248, ghsa-269q-hmxg-m83q, ghsa-389x-839f-4rhx, ghsa-38f8-5428-x5cv, ghsa-3cqm-mf7h-prrj, ghsa-3p8m-j85q-pgmj, ghsa-45q3-82m4-75jr, ghsa-4gg5-vx3j-xwc7, ghsa-57rv-r2g8-2cj3, ghsa-5jpm-x58v-624v, ghsa-5mg8-w23w-74h3, ghsa-6mjq-h674-j845, ghsa-72hv-8253-57qq, ghsa-735f-pc8j-v9w8, ghsa-7g45-4rm6-3mm3, ghsa-8297-v2rf-2p32, ghsa-84h7-rjj3-6jx4, ghsa-995c-6rp3-4m4x, ghsa-cm33-6792-r9fm, ghsa-cw39-r4h6-8j3x, ghsa-f2wh-grmh-r6jm, ghsa-f6hv-jmp6-3vwv, ghsa-fghv-69vj-qj49, ghsa-fh34-c629-p8xj, ghsa-fx2c-96vj-985v, ghsa-g5ww-5jh7-63cx, ghsa-h4h5-3hr4-j3g2, ghsa-h9mq-f6q5-6c8m, ghsa-j288-q9x7-2f5v, ghsa-jfg9-48mv-9qgx, ghsa-jq43-27x9-3v86, ghsa-m4cv-j2px-7723, ghsa-mj4r-2hfc-f8p6, ghsa-mjmj-j48q-9wg2, ghsa-mm8h-8587-p46h, ghsa-mvr2-9pj6-7w5j, ghsa-prj3-ccx8-p6x4, ghsa-pvp8-3xj6-8c6x, ghsa-pwqr-wmgm-9rr8, ghsa-qffm-gf3j-6mvg, ghsa-qh8g-58pp-2wxh, ghsa-qqpg-mvqg-649v, ghsa-rgrr-p7gp-5xj7, ghsa-rj7p-rfgp-852x, ghsa-v8h7-rr48-vmmv, ghsa-vf5j-865m-mq7c, ghsa-vx85-mj8c-4qm6, ghsa-w33c-445m-f8w7, ghsa-w9fj-cfpg-grvv, ghsa-wjpw-4j6x-6rwh, ghsa-wjxj-f8rg-99wx, ghsa-wxr5-93ph-8wr9, ghsa-xpw8-rcwv-8f8p, ghsa-xq3w-v528-46rv, ghsa-xwmg-2g98-w7v9, ghsa-xxqh-mfjm-7mv9 applied in versions: 2.0.44-r4, 2.0.44-r5, 2.0.44-r6

Details

Multiple security vulnerabilities affect the stargate package. These issues are resolved in later releases. See references for individual vulnerability details.

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2015-3254	WEB
	https://osv.dev/vulnerability/CVE-2018-10237	WEB
	https://osv.dev/vulnerability/CVE-2018-11798	WEB
	https://osv.dev/vulnerability/CVE-2018-1320	WEB
	https://osv.dev/vulnerability/CVE-2018-20200	WEB
	https://osv.dev/vulnerability/CVE-2019-0205	WEB
	https://osv.dev/vulnerability/CVE-2020-8908	WEB
	https://osv.dev/vulnerability/CVE-2021-0341	WEB
	https://osv.dev/vulnerability/CVE-2021-41973	WEB
	https://osv.dev/vulnerability/CVE-2022-1471	WEB
	https://osv.dev/vulnerability/CVE-2022-24823	WEB
	https://osv.dev/vulnerability/CVE-2022-3171	WEB
	https://osv.dev/vulnerability/CVE-2022-3509	WEB
	https://osv.dev/vulnerability/CVE-2022-3510	WEB
	https://osv.dev/vulnerability/CVE-2022-41881	WEB
	https://osv.dev/vulnerability/CVE-2023-2976	WEB
	https://osv.dev/vulnerability/CVE-2023-34462	WEB
	https://osv.dev/vulnerability/CVE-2023-44487	WEB
	https://osv.dev/vulnerability/CVE-2023-46120	WEB
	https://osv.dev/vulnerability/CVE-2024-13009	WEB
	https://osv.dev/vulnerability/CVE-2024-29025	WEB
	https://osv.dev/vulnerability/CVE-2024-40094	WEB
	https://osv.dev/vulnerability/CVE-2024-47535	WEB
	https://osv.dev/vulnerability/CVE-2024-6763	WEB
	https://osv.dev/vulnerability/CVE-2024-7254	WEB
	https://osv.dev/vulnerability/CVE-2025-11143	WEB
	https://osv.dev/vulnerability/CVE-2025-25193	WEB
	https://osv.dev/vulnerability/CVE-2025-46392	WEB
	https://osv.dev/vulnerability/CVE-2025-48734	WEB
	https://osv.dev/vulnerability/CVE-2025-48924	WEB
	https://osv.dev/vulnerability/CVE-2025-53864	WEB
	https://osv.dev/vulnerability/CVE-2025-55163	WEB
	https://osv.dev/vulnerability/CVE-2025-58056	WEB
	https://osv.dev/vulnerability/CVE-2025-58057	WEB
	https://osv.dev/vulnerability/CVE-2025-59419	WEB
	https://osv.dev/vulnerability/CVE-2025-67735	WEB
	https://osv.dev/vulnerability/CVE-2026-1225	WEB
	https://osv.dev/vulnerability/CVE-2026-21452	WEB
	https://osv.dev/vulnerability/CVE-2026-27315	WEB
	https://osv.dev/vulnerability/CVE-2026-32588	WEB
	https://osv.dev/vulnerability/CVE-2026-33870	WEB
	https://osv.dev/vulnerability/CVE-2026-33871	WEB
	https://osv.dev/vulnerability/CVE-2026-41409	WEB
	https://osv.dev/vulnerability/CVE-2026-41417	WEB
	https://osv.dev/vulnerability/CVE-2026-41635	WEB
	https://osv.dev/vulnerability/CVE-2026-42578	WEB
	https://osv.dev/vulnerability/CVE-2026-42579	WEB
	https://osv.dev/vulnerability/CVE-2026-42580	WEB
	https://osv.dev/vulnerability/CVE-2026-42581	WEB
	https://osv.dev/vulnerability/CVE-2026-42583	WEB
	https://osv.dev/vulnerability/CVE-2026-42584	WEB
	https://osv.dev/vulnerability/CVE-2026-42585	WEB
	https://osv.dev/vulnerability/CVE-2026-42586	WEB
	https://osv.dev/vulnerability/CVE-2026-42587	WEB
	https://osv.dev/vulnerability/CVE-2026-42778	WEB
	https://osv.dev/vulnerability/CVE-2026-42779	WEB
	https://osv.dev/vulnerability/CVE-2026-44248	WEB
	https://osv.dev/vulnerability/ghsa-269q-hmxg-m83q	WEB
	https://osv.dev/vulnerability/ghsa-389x-839f-4rhx	WEB
	https://osv.dev/vulnerability/ghsa-38f8-5428-x5cv	WEB
	https://osv.dev/vulnerability/ghsa-3cqm-mf7h-prrj	WEB
	https://osv.dev/vulnerability/ghsa-3p8m-j85q-pgmj	WEB
	https://osv.dev/vulnerability/ghsa-45q3-82m4-75jr	WEB
	https://osv.dev/vulnerability/ghsa-4gg5-vx3j-xwc7	WEB
	https://osv.dev/vulnerability/ghsa-57rv-r2g8-2cj3	WEB
	https://osv.dev/vulnerability/ghsa-5jpm-x58v-624v	WEB
	https://osv.dev/vulnerability/ghsa-5mg8-w23w-74h3	WEB
	https://osv.dev/vulnerability/ghsa-6mjq-h674-j845	WEB
	https://osv.dev/vulnerability/ghsa-72hv-8253-57qq	WEB
	https://osv.dev/vulnerability/ghsa-735f-pc8j-v9w8	WEB
	https://osv.dev/vulnerability/ghsa-7g45-4rm6-3mm3	WEB
	https://osv.dev/vulnerability/ghsa-8297-v2rf-2p32	WEB
	https://osv.dev/vulnerability/ghsa-84h7-rjj3-6jx4	WEB
	https://osv.dev/vulnerability/ghsa-995c-6rp3-4m4x	WEB
	https://osv.dev/vulnerability/ghsa-cm33-6792-r9fm	WEB
	https://osv.dev/vulnerability/ghsa-cw39-r4h6-8j3x	WEB
	https://osv.dev/vulnerability/ghsa-f2wh-grmh-r6jm	WEB
	https://osv.dev/vulnerability/ghsa-f6hv-jmp6-3vwv	WEB
	https://osv.dev/vulnerability/ghsa-fghv-69vj-qj49	WEB
	https://osv.dev/vulnerability/ghsa-fh34-c629-p8xj	WEB
	https://osv.dev/vulnerability/ghsa-fx2c-96vj-985v	WEB
	https://osv.dev/vulnerability/ghsa-g5ww-5jh7-63cx	WEB
	https://osv.dev/vulnerability/ghsa-h4h5-3hr4-j3g2	WEB
	https://osv.dev/vulnerability/ghsa-h9mq-f6q5-6c8m	WEB
	https://osv.dev/vulnerability/ghsa-j288-q9x7-2f5v	WEB
	https://osv.dev/vulnerability/ghsa-jfg9-48mv-9qgx	WEB
	https://osv.dev/vulnerability/ghsa-jq43-27x9-3v86	WEB
	https://osv.dev/vulnerability/ghsa-m4cv-j2px-7723	WEB
	https://osv.dev/vulnerability/ghsa-mj4r-2hfc-f8p6	WEB
	https://osv.dev/vulnerability/ghsa-mjmj-j48q-9wg2	WEB
	https://osv.dev/vulnerability/ghsa-mm8h-8587-p46h	WEB
	https://osv.dev/vulnerability/ghsa-mvr2-9pj6-7w5j	WEB
	https://osv.dev/vulnerability/ghsa-prj3-ccx8-p6x4	WEB
	https://osv.dev/vulnerability/ghsa-pvp8-3xj6-8c6x	WEB
	https://osv.dev/vulnerability/ghsa-pwqr-wmgm-9rr8	WEB
	https://osv.dev/vulnerability/ghsa-qffm-gf3j-6mvg	WEB
	https://osv.dev/vulnerability/ghsa-qh8g-58pp-2wxh	WEB
	https://osv.dev/vulnerability/ghsa-qqpg-mvqg-649v	WEB
	https://osv.dev/vulnerability/ghsa-rgrr-p7gp-5xj7	WEB
	https://osv.dev/vulnerability/ghsa-rj7p-rfgp-852x	WEB
	https://osv.dev/vulnerability/ghsa-v8h7-rr48-vmmv	WEB
	https://osv.dev/vulnerability/ghsa-vf5j-865m-mq7c	WEB
	https://osv.dev/vulnerability/ghsa-vx85-mj8c-4qm6	WEB
	https://osv.dev/vulnerability/ghsa-w33c-445m-f8w7	WEB
	https://osv.dev/vulnerability/ghsa-w9fj-cfpg-grvv	WEB
	https://osv.dev/vulnerability/ghsa-wjpw-4j6x-6rwh	WEB
	https://osv.dev/vulnerability/ghsa-wjxj-f8rg-99wx	WEB
	https://osv.dev/vulnerability/ghsa-wxr5-93ph-8wr9	WEB
	https://osv.dev/vulnerability/ghsa-xpw8-rcwv-8f8p	WEB
	https://osv.dev/vulnerability/ghsa-xq3w-v528-46rv	WEB
	https://osv.dev/vulnerability/ghsa-xwmg-2g98-w7v9	WEB
	https://osv.dev/vulnerability/ghsa-xxqh-mfjm-7mv9	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2015-3254	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-10237	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-11798	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-1320	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-20200	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-0205	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8908	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-0341	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-41973	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-1471	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-24823	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-3171	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-3509	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-3510	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-41881	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-2976	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-34462	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-44487	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-46120	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-13009	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-29025	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-40094	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-47535	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-6763	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-7254	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-11143	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-25193	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-46392	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-48734	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-48924	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-53864	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-55163	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-58056	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-58057	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-59419	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-67735	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-1225	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-21452	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-27315	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-32588	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-33870	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-33871	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-41409	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-41417	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-41635	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42578	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42579	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42580	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42581	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42583	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42584	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42585	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42586	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42587	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42778	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42779	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-44248	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "stargate"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.0.44-r6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the stargate package. These issues are resolved in later releases. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-RN56220",
  "modified": "2026-05-12T18:00:20Z",
  "published": "2026-05-18T13:26:54.415325Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-RN56220.json"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2015-3254"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-10237"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-11798"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-1320"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-20200"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-0205"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8908"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-0341"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-41973"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-1471"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-24823"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3171"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3509"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3510"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-41881"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-2976"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-34462"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-44487"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-46120"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-13009"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-29025"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-40094"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-47535"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-6763"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-7254"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-11143"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-25193"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-46392"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-48734"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-48924"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-53864"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-55163"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-58056"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-58057"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-59419"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-67735"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-1225"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-21452"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-27315"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-32588"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-33870"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-33871"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-41409"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-41417"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-41635"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42578"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42579"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42580"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42581"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42583"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42584"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42585"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42586"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42587"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42778"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42779"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-44248"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-269q-hmxg-m83q"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-389x-839f-4rhx"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-38f8-5428-x5cv"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-3cqm-mf7h-prrj"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-3p8m-j85q-pgmj"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-45q3-82m4-75jr"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-4gg5-vx3j-xwc7"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-57rv-r2g8-2cj3"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-5jpm-x58v-624v"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-5mg8-w23w-74h3"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-6mjq-h674-j845"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-72hv-8253-57qq"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-735f-pc8j-v9w8"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-7g45-4rm6-3mm3"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-8297-v2rf-2p32"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-84h7-rjj3-6jx4"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-995c-6rp3-4m4x"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-cm33-6792-r9fm"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-cw39-r4h6-8j3x"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-f2wh-grmh-r6jm"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-f6hv-jmp6-3vwv"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-fghv-69vj-qj49"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-fh34-c629-p8xj"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-fx2c-96vj-985v"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-g5ww-5jh7-63cx"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-h4h5-3hr4-j3g2"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-h9mq-f6q5-6c8m"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-j288-q9x7-2f5v"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-jfg9-48mv-9qgx"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-jq43-27x9-3v86"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-m4cv-j2px-7723"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-mj4r-2hfc-f8p6"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-mjmj-j48q-9wg2"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-mm8h-8587-p46h"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-mvr2-9pj6-7w5j"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-prj3-ccx8-p6x4"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-pvp8-3xj6-8c6x"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-pwqr-wmgm-9rr8"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-qffm-gf3j-6mvg"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-qh8g-58pp-2wxh"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-qqpg-mvqg-649v"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-rgrr-p7gp-5xj7"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-rj7p-rfgp-852x"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-v8h7-rr48-vmmv"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-vf5j-865m-mq7c"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-vx85-mj8c-4qm6"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-w33c-445m-f8w7"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-w9fj-cfpg-grvv"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-wjpw-4j6x-6rwh"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-wjxj-f8rg-99wx"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-wxr5-93ph-8wr9"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-xpw8-rcwv-8f8p"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-xq3w-v528-46rv"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-xwmg-2g98-w7v9"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-xxqh-mfjm-7mv9"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3254"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10237"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11798"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1320"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20200"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0205"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0341"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41973"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24823"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3509"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3510"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34462"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46120"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-13009"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40094"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47535"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6763"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7254"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11143"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25193"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46392"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48924"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53864"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55163"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58056"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58057"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59419"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67735"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1225"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21452"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27315"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32588"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33870"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41409"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41417"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41635"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42578"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42579"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42580"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42581"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42583"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42584"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42585"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42586"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42587"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42778"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42779"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44248"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "summary": "Security fixes for CVE-2015-3254, CVE-2018-10237, CVE-2018-11798, CVE-2018-1320, CVE-2018-20200, CVE-2019-0205, CVE-2020-8908, CVE-2021-0341, CVE-2021-41973, CVE-2022-1471, CVE-2022-24823, CVE-2022-3171, CVE-2022-3509, CVE-2022-3510, CVE-2022-41881, CVE-2023-2976, CVE-2023-34462, CVE-2023-44487, CVE-2023-46120, CVE-2024-13009, CVE-2024-29025, CVE-2024-40094, CVE-2024-47535, CVE-2024-6763, CVE-2024-7254, CVE-2025-11143, CVE-2025-25193, CVE-2025-46392, CVE-2025-48734, CVE-2025-48924, CVE-2025-53864, CVE-2025-55163, CVE-2025-58056, CVE-2025-58057, CVE-2025-59419, CVE-2025-67735, CVE-2026-1225, CVE-2026-21452, CVE-2026-27315, CVE-2026-32588, CVE-2026-33870, CVE-2026-33871, CVE-2026-41409, CVE-2026-41417, CVE-2026-41635, CVE-2026-42578, CVE-2026-42579, CVE-2026-42580, CVE-2026-42581, CVE-2026-42583, CVE-2026-42584, CVE-2026-42585, CVE-2026-42586, CVE-2026-42587, CVE-2026-42778, CVE-2026-42779, CVE-2026-44248, ghsa-269q-hmxg-m83q, ghsa-389x-839f-4rhx, ghsa-38f8-5428-x5cv, ghsa-3cqm-mf7h-prrj, ghsa-3p8m-j85q-pgmj, ghsa-45q3-82m4-75jr, ghsa-4gg5-vx3j-xwc7, ghsa-57rv-r2g8-2cj3, ghsa-5jpm-x58v-624v, ghsa-5mg8-w23w-74h3, ghsa-6mjq-h674-j845, ghsa-72hv-8253-57qq, ghsa-735f-pc8j-v9w8, ghsa-7g45-4rm6-3mm3, ghsa-8297-v2rf-2p32, ghsa-84h7-rjj3-6jx4, ghsa-995c-6rp3-4m4x, ghsa-cm33-6792-r9fm, ghsa-cw39-r4h6-8j3x, ghsa-f2wh-grmh-r6jm, ghsa-f6hv-jmp6-3vwv, ghsa-fghv-69vj-qj49, ghsa-fh34-c629-p8xj, ghsa-fx2c-96vj-985v, ghsa-g5ww-5jh7-63cx, ghsa-h4h5-3hr4-j3g2, ghsa-h9mq-f6q5-6c8m, ghsa-j288-q9x7-2f5v, ghsa-jfg9-48mv-9qgx, ghsa-jq43-27x9-3v86, ghsa-m4cv-j2px-7723, ghsa-mj4r-2hfc-f8p6, ghsa-mjmj-j48q-9wg2, ghsa-mm8h-8587-p46h, ghsa-mvr2-9pj6-7w5j, ghsa-prj3-ccx8-p6x4, ghsa-pvp8-3xj6-8c6x, ghsa-pwqr-wmgm-9rr8, ghsa-qffm-gf3j-6mvg, ghsa-qh8g-58pp-2wxh, ghsa-qqpg-mvqg-649v, ghsa-rgrr-p7gp-5xj7, ghsa-rj7p-rfgp-852x, ghsa-v8h7-rr48-vmmv, ghsa-vf5j-865m-mq7c, ghsa-vx85-mj8c-4qm6, ghsa-w33c-445m-f8w7, ghsa-w9fj-cfpg-grvv, ghsa-wjpw-4j6x-6rwh, ghsa-wjxj-f8rg-99wx, ghsa-wxr5-93ph-8wr9, ghsa-xpw8-rcwv-8f8p, ghsa-xq3w-v528-46rv, ghsa-xwmg-2g98-w7v9, ghsa-xxqh-mfjm-7mv9 applied in versions: 2.0.44-r4, 2.0.44-r5, 2.0.44-r6",
  "upstream": [
    "CVE-2015-3254",
    "CVE-2018-10237",
    "CVE-2018-11798",
    "CVE-2018-1320",
    "CVE-2018-20200",
    "CVE-2019-0205",
    "CVE-2020-8908",
    "CVE-2021-0341",
    "CVE-2021-41973",
    "CVE-2022-1471",
    "CVE-2022-24823",
    "CVE-2022-3171",
    "CVE-2022-3509",
    "CVE-2022-3510",
    "CVE-2022-41881",
    "CVE-2023-2976",
    "CVE-2023-34462",
    "CVE-2023-44487",
    "CVE-2023-46120",
    "CVE-2024-13009",
    "CVE-2024-29025",
    "CVE-2024-40094",
    "CVE-2024-47535",
    "CVE-2024-6763",
    "CVE-2024-7254",
    "CVE-2025-11143",
    "CVE-2025-25193",
    "CVE-2025-46392",
    "CVE-2025-48734",
    "CVE-2025-48924",
    "CVE-2025-53864",
    "CVE-2025-55163",
    "CVE-2025-58056",
    "CVE-2025-58057",
    "CVE-2025-59419",
    "CVE-2025-67735",
    "CVE-2026-1225",
    "CVE-2026-21452",
    "CVE-2026-27315",
    "CVE-2026-32588",
    "CVE-2026-33870",
    "CVE-2026-33871",
    "CVE-2026-41409",
    "CVE-2026-41417",
    "CVE-2026-41635",
    "CVE-2026-42578",
    "CVE-2026-42579",
    "CVE-2026-42580",
    "CVE-2026-42581",
    "CVE-2026-42583",
    "CVE-2026-42584",
    "CVE-2026-42585",
    "CVE-2026-42586",
    "CVE-2026-42587",
    "CVE-2026-42778",
    "CVE-2026-42779",
    "CVE-2026-44248",
    "ghsa-269q-hmxg-m83q",
    "ghsa-389x-839f-4rhx",
    "ghsa-38f8-5428-x5cv",
    "ghsa-3cqm-mf7h-prrj",
    "ghsa-3p8m-j85q-pgmj",
    "ghsa-45q3-82m4-75jr",
    "ghsa-4gg5-vx3j-xwc7",
    "ghsa-57rv-r2g8-2cj3",
    "ghsa-5jpm-x58v-624v",
    "ghsa-5mg8-w23w-74h3",
    "ghsa-6mjq-h674-j845",
    "ghsa-72hv-8253-57qq",
    "ghsa-735f-pc8j-v9w8",
    "ghsa-7g45-4rm6-3mm3",
    "ghsa-8297-v2rf-2p32",
    "ghsa-84h7-rjj3-6jx4",
    "ghsa-995c-6rp3-4m4x",
    "ghsa-cm33-6792-r9fm",
    "ghsa-cw39-r4h6-8j3x",
    "ghsa-f2wh-grmh-r6jm",
    "ghsa-f6hv-jmp6-3vwv",
    "ghsa-fghv-69vj-qj49",
    "ghsa-fh34-c629-p8xj",
    "ghsa-fx2c-96vj-985v",
    "ghsa-g5ww-5jh7-63cx",
    "ghsa-h4h5-3hr4-j3g2",
    "ghsa-h9mq-f6q5-6c8m",
    "ghsa-j288-q9x7-2f5v",
    "ghsa-jfg9-48mv-9qgx",
    "ghsa-jq43-27x9-3v86",
    "ghsa-m4cv-j2px-7723",
    "ghsa-mj4r-2hfc-f8p6",
    "ghsa-mjmj-j48q-9wg2",
    "ghsa-mm8h-8587-p46h",
    "ghsa-mvr2-9pj6-7w5j",
    "ghsa-prj3-ccx8-p6x4",
    "ghsa-pvp8-3xj6-8c6x",
    "ghsa-pwqr-wmgm-9rr8",
    "ghsa-qffm-gf3j-6mvg",
    "ghsa-qh8g-58pp-2wxh",
    "ghsa-qqpg-mvqg-649v",
    "ghsa-rgrr-p7gp-5xj7",
    "ghsa-rj7p-rfgp-852x",
    "ghsa-v8h7-rr48-vmmv",
    "ghsa-vf5j-865m-mq7c",
    "ghsa-vx85-mj8c-4qm6",
    "ghsa-w33c-445m-f8w7",
    "ghsa-w9fj-cfpg-grvv",
    "ghsa-wjpw-4j6x-6rwh",
    "ghsa-wjxj-f8rg-99wx",
    "ghsa-wxr5-93ph-8wr9",
    "ghsa-xpw8-rcwv-8f8p",
    "ghsa-xq3w-v528-46rv",
    "ghsa-xwmg-2g98-w7v9",
    "ghsa-xxqh-mfjm-7mv9"
  ]
}

cleanstart-2026-sq91016

Vulnerability from cleanstart

Published

2026-05-18 13:11

Modified

2026-05-14 06:09

Summary

Security fixes for CVE-2018-10237, CVE-2020-8908, CVE-2021-22569, CVE-2021-22570, CVE-2022-2047, CVE-2022-3171, CVE-2022-3509, CVE-2022-3510, CVE-2022-36364, CVE-2022-41881, CVE-2023-20861, CVE-2023-20863, CVE-2023-26048, CVE-2023-26049, CVE-2023-2976, CVE-2023-34462, CVE-2023-36479, CVE-2023-40167, CVE-2023-41900, CVE-2023-42503, CVE-2023-44981, CVE-2024-13009, CVE-2024-23454, CVE-2024-23944, CVE-2024-25710, CVE-2024-26308, CVE-2024-29131, CVE-2024-29133, CVE-2024-38808, CVE-2024-38820, CVE-2024-38827, CVE-2024-47554, CVE-2024-47561, CVE-2024-52046, CVE-2024-6763, CVE-2024-7254, CVE-2024-8184, CVE-2025-11143, CVE-2025-22233, CVE-2025-24970, CVE-2025-25193, CVE-2025-27821, CVE-2025-41249, CVE-2025-48734, CVE-2025-48924, CVE-2025-49128, CVE-2025-52999, CVE-2025-53864, CVE-2025-55163, CVE-2025-58056, CVE-2025-58057, CVE-2025-59419, CVE-2025-67735, CVE-2025-68161, CVE-2025-8916, CVE-2026-24281, CVE-2026-24308, CVE-2026-33870, CVE-2026-33871, CVE-2026-5588, ghsa-58qw-p7qm-5rvh, ghsa-72hv-8253-57qq applied in versions: 4.0.0-r0, 4.0.0-r1

Details

Multiple security vulnerabilities affect the apache-hive package. These issues are resolved in later releases. See references for individual vulnerability details.

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2018-10237	WEB
	https://osv.dev/vulnerability/CVE-2020-8908	WEB
	https://osv.dev/vulnerability/CVE-2021-22569	WEB
	https://osv.dev/vulnerability/CVE-2021-22570	WEB
	https://osv.dev/vulnerability/CVE-2022-2047	WEB
	https://osv.dev/vulnerability/CVE-2022-3171	WEB
	https://osv.dev/vulnerability/CVE-2022-3509	WEB
	https://osv.dev/vulnerability/CVE-2022-3510	WEB
	https://osv.dev/vulnerability/CVE-2022-36364	WEB
	https://osv.dev/vulnerability/CVE-2022-41881	WEB
	https://osv.dev/vulnerability/CVE-2023-20861	WEB
	https://osv.dev/vulnerability/CVE-2023-20863	WEB
	https://osv.dev/vulnerability/CVE-2023-26048	WEB
	https://osv.dev/vulnerability/CVE-2023-26049	WEB
	https://osv.dev/vulnerability/CVE-2023-2976	WEB
	https://osv.dev/vulnerability/CVE-2023-34462	WEB
	https://osv.dev/vulnerability/CVE-2023-36479	WEB
	https://osv.dev/vulnerability/CVE-2023-40167	WEB
	https://osv.dev/vulnerability/CVE-2023-41900	WEB
	https://osv.dev/vulnerability/CVE-2023-42503	WEB
	https://osv.dev/vulnerability/CVE-2023-44981	WEB
	https://osv.dev/vulnerability/CVE-2024-13009	WEB
	https://osv.dev/vulnerability/CVE-2024-23454	WEB
	https://osv.dev/vulnerability/CVE-2024-23944	WEB
	https://osv.dev/vulnerability/CVE-2024-25710	WEB
	https://osv.dev/vulnerability/CVE-2024-26308	WEB
	https://osv.dev/vulnerability/CVE-2024-29131	WEB
	https://osv.dev/vulnerability/CVE-2024-29133	WEB
	https://osv.dev/vulnerability/CVE-2024-38808	WEB
	https://osv.dev/vulnerability/CVE-2024-38820	WEB
	https://osv.dev/vulnerability/CVE-2024-38827	WEB
	https://osv.dev/vulnerability/CVE-2024-47554	WEB
	https://osv.dev/vulnerability/CVE-2024-47561	WEB
	https://osv.dev/vulnerability/CVE-2024-52046	WEB
	https://osv.dev/vulnerability/CVE-2024-6763	WEB
	https://osv.dev/vulnerability/CVE-2024-7254	WEB
	https://osv.dev/vulnerability/CVE-2024-8184	WEB
	https://osv.dev/vulnerability/CVE-2025-11143	WEB
	https://osv.dev/vulnerability/CVE-2025-22233	WEB
	https://osv.dev/vulnerability/CVE-2025-24970	WEB
	https://osv.dev/vulnerability/CVE-2025-25193	WEB
	https://osv.dev/vulnerability/CVE-2025-27821	WEB
	https://osv.dev/vulnerability/CVE-2025-41249	WEB
	https://osv.dev/vulnerability/CVE-2025-48734	WEB
	https://osv.dev/vulnerability/CVE-2025-48924	WEB
	https://osv.dev/vulnerability/CVE-2025-49128	WEB
	https://osv.dev/vulnerability/CVE-2025-52999	WEB
	https://osv.dev/vulnerability/CVE-2025-53864	WEB
	https://osv.dev/vulnerability/CVE-2025-55163	WEB
	https://osv.dev/vulnerability/CVE-2025-58056	WEB
	https://osv.dev/vulnerability/CVE-2025-58057	WEB
	https://osv.dev/vulnerability/CVE-2025-59419	WEB
	https://osv.dev/vulnerability/CVE-2025-67735	WEB
	https://osv.dev/vulnerability/CVE-2025-68161	WEB
	https://osv.dev/vulnerability/CVE-2025-8916	WEB
	https://osv.dev/vulnerability/CVE-2026-24281	WEB
	https://osv.dev/vulnerability/CVE-2026-24308	WEB
	https://osv.dev/vulnerability/CVE-2026-33870	WEB
	https://osv.dev/vulnerability/CVE-2026-33871	WEB
	https://osv.dev/vulnerability/CVE-2026-5588	WEB
	https://osv.dev/vulnerability/ghsa-58qw-p7qm-5rvh	WEB
	https://osv.dev/vulnerability/ghsa-72hv-8253-57qq	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-10237	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8908	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22569	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22570	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-2047	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-3171	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-3509	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-3510	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-36364	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-41881	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-20861	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-20863	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-26048	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-26049	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-2976	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-34462	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-36479	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-40167	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-41900	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-42503	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-44981	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-13009	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23454	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23944	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-25710	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-26308	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-29131	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-29133	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-38808	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-38820	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-38827	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-47554	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-47561	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-52046	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-6763	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-7254	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-8184	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-11143	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-22233	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-24970	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-25193	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-27821	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-41249	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-48734	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-48924	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-49128	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-52999	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-53864	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-55163	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-58056	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-58057	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-59419	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-67735	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-68161	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-8916	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-24281	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-24308	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-33870	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-33871	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-5588	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "apache-hive"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.0.0-r1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the apache-hive package. These issues are resolved in later releases. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-SQ91016",
  "modified": "2026-05-14T06:09:00Z",
  "published": "2026-05-18T13:11:46.835215Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-SQ91016.json"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-10237"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8908"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22569"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22570"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-2047"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3171"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3509"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3510"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-36364"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-41881"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-20861"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-20863"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-26048"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-26049"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-2976"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-34462"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-36479"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-40167"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-41900"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-42503"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-44981"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-13009"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23454"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23944"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-25710"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-26308"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-29131"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-29133"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-38808"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-38820"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-38827"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-47554"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-47561"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-52046"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-6763"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-7254"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-8184"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-11143"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-22233"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-24970"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-25193"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-27821"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-41249"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-48734"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-48924"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-49128"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-52999"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-53864"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-55163"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-58056"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-58057"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-59419"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-67735"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-68161"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-8916"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-24281"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-24308"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-33870"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-33871"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-5588"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-58qw-p7qm-5rvh"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-72hv-8253-57qq"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10237"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22569"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22570"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2047"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3509"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3510"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36364"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20861"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20863"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26048"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34462"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36479"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-41900"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42503"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44981"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-13009"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23454"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23944"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25710"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26308"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29131"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29133"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38808"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38820"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38827"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52046"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6763"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7254"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8184"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11143"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22233"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24970"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25193"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27821"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-41249"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48924"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49128"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52999"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53864"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55163"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58056"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58057"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59419"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67735"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68161"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8916"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24281"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24308"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33870"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5588"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "summary": "Security fixes for CVE-2018-10237, CVE-2020-8908, CVE-2021-22569, CVE-2021-22570, CVE-2022-2047, CVE-2022-3171, CVE-2022-3509, CVE-2022-3510, CVE-2022-36364, CVE-2022-41881, CVE-2023-20861, CVE-2023-20863, CVE-2023-26048, CVE-2023-26049, CVE-2023-2976, CVE-2023-34462, CVE-2023-36479, CVE-2023-40167, CVE-2023-41900, CVE-2023-42503, CVE-2023-44981, CVE-2024-13009, CVE-2024-23454, CVE-2024-23944, CVE-2024-25710, CVE-2024-26308, CVE-2024-29131, CVE-2024-29133, CVE-2024-38808, CVE-2024-38820, CVE-2024-38827, CVE-2024-47554, CVE-2024-47561, CVE-2024-52046, CVE-2024-6763, CVE-2024-7254, CVE-2024-8184, CVE-2025-11143, CVE-2025-22233, CVE-2025-24970, CVE-2025-25193, CVE-2025-27821, CVE-2025-41249, CVE-2025-48734, CVE-2025-48924, CVE-2025-49128, CVE-2025-52999, CVE-2025-53864, CVE-2025-55163, CVE-2025-58056, CVE-2025-58057, CVE-2025-59419, CVE-2025-67735, CVE-2025-68161, CVE-2025-8916, CVE-2026-24281, CVE-2026-24308, CVE-2026-33870, CVE-2026-33871, CVE-2026-5588, ghsa-58qw-p7qm-5rvh, ghsa-72hv-8253-57qq applied in versions: 4.0.0-r0, 4.0.0-r1",
  "upstream": [
    "CVE-2018-10237",
    "CVE-2020-8908",
    "CVE-2021-22569",
    "CVE-2021-22570",
    "CVE-2022-2047",
    "CVE-2022-3171",
    "CVE-2022-3509",
    "CVE-2022-3510",
    "CVE-2022-36364",
    "CVE-2022-41881",
    "CVE-2023-20861",
    "CVE-2023-20863",
    "CVE-2023-26048",
    "CVE-2023-26049",
    "CVE-2023-2976",
    "CVE-2023-34462",
    "CVE-2023-36479",
    "CVE-2023-40167",
    "CVE-2023-41900",
    "CVE-2023-42503",
    "CVE-2023-44981",
    "CVE-2024-13009",
    "CVE-2024-23454",
    "CVE-2024-23944",
    "CVE-2024-25710",
    "CVE-2024-26308",
    "CVE-2024-29131",
    "CVE-2024-29133",
    "CVE-2024-38808",
    "CVE-2024-38820",
    "CVE-2024-38827",
    "CVE-2024-47554",
    "CVE-2024-47561",
    "CVE-2024-52046",
    "CVE-2024-6763",
    "CVE-2024-7254",
    "CVE-2024-8184",
    "CVE-2025-11143",
    "CVE-2025-22233",
    "CVE-2025-24970",
    "CVE-2025-25193",
    "CVE-2025-27821",
    "CVE-2025-41249",
    "CVE-2025-48734",
    "CVE-2025-48924",
    "CVE-2025-49128",
    "CVE-2025-52999",
    "CVE-2025-53864",
    "CVE-2025-55163",
    "CVE-2025-58056",
    "CVE-2025-58057",
    "CVE-2025-59419",
    "CVE-2025-67735",
    "CVE-2025-68161",
    "CVE-2025-8916",
    "CVE-2026-24281",
    "CVE-2026-24308",
    "CVE-2026-33870",
    "CVE-2026-33871",
    "CVE-2026-5588",
    "ghsa-58qw-p7qm-5rvh",
    "ghsa-72hv-8253-57qq"
  ]
}

cleanstart-2026-sv95049

Vulnerability from cleanstart

Published

2026-05-18 13:10

Modified

2026-05-14 06:03

Summary

Security fixes for CVE-2018-10237, CVE-2020-8908, CVE-2021-22569, CVE-2021-22570, CVE-2022-3171, CVE-2022-3509, CVE-2022-3510, CVE-2023-2976, CVE-2023-44981, CVE-2024-23454, CVE-2024-23944, CVE-2024-38827, CVE-2024-47554, CVE-2024-6763, CVE-2024-7254, CVE-2025-11143, CVE-2025-24970, CVE-2025-25193, CVE-2025-27821, CVE-2025-41249, CVE-2025-48734, CVE-2025-48924, CVE-2025-49128, CVE-2025-52999, CVE-2025-53864, CVE-2025-55163, CVE-2025-58056, CVE-2025-58057, CVE-2025-59419, CVE-2025-67735, CVE-2025-68161, CVE-2025-8916, CVE-2026-24281, CVE-2026-24308, CVE-2026-33870, CVE-2026-33871, CVE-2026-5588, ghsa-72hv-8253-57qq applied in versions: 4.1.0-r1, 4.1.0-r2

Details

Multiple security vulnerabilities affect the apache-hive package. These issues are resolved in later releases. See references for individual vulnerability details.

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2018-10237	WEB
	https://osv.dev/vulnerability/CVE-2020-8908	WEB
	https://osv.dev/vulnerability/CVE-2021-22569	WEB
	https://osv.dev/vulnerability/CVE-2021-22570	WEB
	https://osv.dev/vulnerability/CVE-2022-3171	WEB
	https://osv.dev/vulnerability/CVE-2022-3509	WEB
	https://osv.dev/vulnerability/CVE-2022-3510	WEB
	https://osv.dev/vulnerability/CVE-2023-2976	WEB
	https://osv.dev/vulnerability/CVE-2023-44981	WEB
	https://osv.dev/vulnerability/CVE-2024-23454	WEB
	https://osv.dev/vulnerability/CVE-2024-23944	WEB
	https://osv.dev/vulnerability/CVE-2024-38827	WEB
	https://osv.dev/vulnerability/CVE-2024-47554	WEB
	https://osv.dev/vulnerability/CVE-2024-6763	WEB
	https://osv.dev/vulnerability/CVE-2024-7254	WEB
	https://osv.dev/vulnerability/CVE-2025-11143	WEB
	https://osv.dev/vulnerability/CVE-2025-24970	WEB
	https://osv.dev/vulnerability/CVE-2025-25193	WEB
	https://osv.dev/vulnerability/CVE-2025-27821	WEB
	https://osv.dev/vulnerability/CVE-2025-41249	WEB
	https://osv.dev/vulnerability/CVE-2025-48734	WEB
	https://osv.dev/vulnerability/CVE-2025-48924	WEB
	https://osv.dev/vulnerability/CVE-2025-49128	WEB
	https://osv.dev/vulnerability/CVE-2025-52999	WEB
	https://osv.dev/vulnerability/CVE-2025-53864	WEB
	https://osv.dev/vulnerability/CVE-2025-55163	WEB
	https://osv.dev/vulnerability/CVE-2025-58056	WEB
	https://osv.dev/vulnerability/CVE-2025-58057	WEB
	https://osv.dev/vulnerability/CVE-2025-59419	WEB
	https://osv.dev/vulnerability/CVE-2025-67735	WEB
	https://osv.dev/vulnerability/CVE-2025-68161	WEB
	https://osv.dev/vulnerability/CVE-2025-8916	WEB
	https://osv.dev/vulnerability/CVE-2026-24281	WEB
	https://osv.dev/vulnerability/CVE-2026-24308	WEB
	https://osv.dev/vulnerability/CVE-2026-33870	WEB
	https://osv.dev/vulnerability/CVE-2026-33871	WEB
	https://osv.dev/vulnerability/CVE-2026-5588	WEB
	https://osv.dev/vulnerability/ghsa-72hv-8253-57qq	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-10237	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8908	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22569	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-22570	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-3171	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-3509	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-3510	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-2976	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-44981	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23454	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23944	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-38827	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-47554	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-6763	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-7254	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-11143	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-24970	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-25193	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-27821	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-41249	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-48734	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-48924	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-49128	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-52999	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-53864	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-55163	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-58056	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-58057	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-59419	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-67735	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-68161	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-8916	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-24281	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-24308	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-33870	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-33871	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-5588	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "apache-hive"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.1.0-r2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the apache-hive package. These issues are resolved in later releases. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-SV95049",
  "modified": "2026-05-14T06:03:08Z",
  "published": "2026-05-18T13:10:38.939090Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-SV95049.json"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-10237"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8908"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22569"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-22570"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3171"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3509"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3510"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-2976"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-44981"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23454"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23944"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-38827"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-47554"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-6763"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-7254"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-11143"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-24970"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-25193"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-27821"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-41249"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-48734"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-48924"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-49128"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-52999"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-53864"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-55163"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-58056"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-58057"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-59419"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-67735"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-68161"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-8916"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-24281"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-24308"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-33870"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-33871"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-5588"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-72hv-8253-57qq"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10237"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22569"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22570"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3509"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3510"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44981"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23454"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23944"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38827"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6763"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7254"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11143"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24970"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25193"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27821"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-41249"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48924"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49128"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52999"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53864"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55163"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58056"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58057"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59419"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67735"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68161"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8916"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24281"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24308"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33870"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5588"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "summary": "Security fixes for CVE-2018-10237, CVE-2020-8908, CVE-2021-22569, CVE-2021-22570, CVE-2022-3171, CVE-2022-3509, CVE-2022-3510, CVE-2023-2976, CVE-2023-44981, CVE-2024-23454, CVE-2024-23944, CVE-2024-38827, CVE-2024-47554, CVE-2024-6763, CVE-2024-7254, CVE-2025-11143, CVE-2025-24970, CVE-2025-25193, CVE-2025-27821, CVE-2025-41249, CVE-2025-48734, CVE-2025-48924, CVE-2025-49128, CVE-2025-52999, CVE-2025-53864, CVE-2025-55163, CVE-2025-58056, CVE-2025-58057, CVE-2025-59419, CVE-2025-67735, CVE-2025-68161, CVE-2025-8916, CVE-2026-24281, CVE-2026-24308, CVE-2026-33870, CVE-2026-33871, CVE-2026-5588, ghsa-72hv-8253-57qq applied in versions: 4.1.0-r1, 4.1.0-r2",
  "upstream": [
    "CVE-2018-10237",
    "CVE-2020-8908",
    "CVE-2021-22569",
    "CVE-2021-22570",
    "CVE-2022-3171",
    "CVE-2022-3509",
    "CVE-2022-3510",
    "CVE-2023-2976",
    "CVE-2023-44981",
    "CVE-2024-23454",
    "CVE-2024-23944",
    "CVE-2024-38827",
    "CVE-2024-47554",
    "CVE-2024-6763",
    "CVE-2024-7254",
    "CVE-2025-11143",
    "CVE-2025-24970",
    "CVE-2025-25193",
    "CVE-2025-27821",
    "CVE-2025-41249",
    "CVE-2025-48734",
    "CVE-2025-48924",
    "CVE-2025-49128",
    "CVE-2025-52999",
    "CVE-2025-53864",
    "CVE-2025-55163",
    "CVE-2025-58056",
    "CVE-2025-58057",
    "CVE-2025-59419",
    "CVE-2025-67735",
    "CVE-2025-68161",
    "CVE-2025-8916",
    "CVE-2026-24281",
    "CVE-2026-24308",
    "CVE-2026-33870",
    "CVE-2026-33871",
    "CVE-2026-5588",
    "ghsa-72hv-8253-57qq"
  ]
}

cleanstart-2026-vh41554

Vulnerability from cleanstart

Published

2026-04-06 02:48

Modified

2026-04-03 09:17

Summary

Security fixes for CVE-2018-10237, CVE-2020-8908, CVE-2021-41973, CVE-2022-24823, CVE-2022-3171, CVE-2022-3509, CVE-2022-3510, CVE-2022-41881, CVE-2023-1370, CVE-2023-2976, CVE-2023-34453, CVE-2023-34454, CVE-2023-34455, CVE-2023-34462, CVE-2023-43642, CVE-2023-44487, CVE-2023-52428, CVE-2024-12798, CVE-2024-12801, CVE-2024-13009, CVE-2024-21634, CVE-2024-25638, CVE-2024-27137, CVE-2024-29025, CVE-2024-35255, CVE-2024-40094, CVE-2024-47535, CVE-2024-47554, CVE-2024-52046, CVE-2024-6763, CVE-2024-7254, CVE-2024-8184, CVE-2024-9823, CVE-2025-23015, CVE-2025-24860, CVE-2025-24970, CVE-2025-25193, CVE-2025-46392, CVE-2025-48734, CVE-2025-48924, CVE-2025-53864, CVE-2025-55163, CVE-2025-58056, CVE-2025-58057, CVE-2025-59419, CVE-2025-67735, CVE-2026-1225, CVE-2026-33870, CVE-2026-33871, ghsa-25qh-j22f-pwp8, ghsa-264p-99wq-f4j6, ghsa-269q-hmxg-m83q, ghsa-389x-839f-4rhx, ghsa-3p8m-j85q-pgmj, ghsa-493p-pfq6-5258, ghsa-4g8c-wm8x-jfhw, ghsa-4gg5-vx3j-xwc7, ghsa-55g7-9cwv-5qfv, ghsa-5jpm-x58v-624v, ghsa-5mg8-w23w-74h3, ghsa-6mjq-h674-j845, ghsa-6v67-2wr5-gvf4, ghsa-735f-pc8j-v9w8, ghsa-76h9-2vwh-w278, ghsa-78wr-2p64-hpwj, ghsa-7g45-4rm6-3mm3, ghsa-84h7-rjj3-6jx4, ghsa-cfxw-4h78-h7fw, ghsa-fghv-69vj-qj49, ghsa-fjpj-2g6w-x25r, ghsa-fx2c-96vj-985v, ghsa-g5ww-5jh7-63cx, ghsa-g8m5-722r-8whq, ghsa-gvpg-vgmx-xg6w, ghsa-h4h5-3hr4-j3g2, ghsa-h9mq-f6q5-6c8m, ghsa-j26w-f9rq-mr2q, ghsa-j288-q9x7-2f5v, ghsa-jq43-27x9-3v86, ghsa-mvr2-9pj6-7w5j, ghsa-pqr6-cmr2-h8hf, ghsa-pr98-23f8-jwxv, ghsa-prj3-ccx8-p6x4, ghsa-q4rv-gq96-w7c5, ghsa-qcwq-55hx-v3vh, ghsa-qqpg-mvqg-649v, ghsa-wxr5-93ph-8wr9, ghsa-xpw8-rcwv-8f8p, ghsa-xq3w-v528-46rv, ghsa-xwmg-2g98-w7v9 applied in versions: 1.0.90-r4, 1.0.91-r0, 1.0.91-r1

Details

Multiple security vulnerabilities affect the stargate package. These issues are resolved in later releases. See references for individual vulnerability details.

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2018-10237	WEB
	https://osv.dev/vulnerability/CVE-2020-8908	WEB
	https://osv.dev/vulnerability/CVE-2021-41973	WEB
	https://osv.dev/vulnerability/CVE-2022-24823	WEB
	https://osv.dev/vulnerability/CVE-2022-3171	WEB
	https://osv.dev/vulnerability/CVE-2022-3509	WEB
	https://osv.dev/vulnerability/CVE-2022-3510	WEB
	https://osv.dev/vulnerability/CVE-2022-41881	WEB
	https://osv.dev/vulnerability/CVE-2023-1370	WEB
	https://osv.dev/vulnerability/CVE-2023-2976	WEB
	https://osv.dev/vulnerability/CVE-2023-34453	WEB
	https://osv.dev/vulnerability/CVE-2023-34454	WEB
	https://osv.dev/vulnerability/CVE-2023-34455	WEB
	https://osv.dev/vulnerability/CVE-2023-34462	WEB
	https://osv.dev/vulnerability/CVE-2023-43642	WEB
	https://osv.dev/vulnerability/CVE-2023-44487	WEB
	https://osv.dev/vulnerability/CVE-2023-52428	WEB
	https://osv.dev/vulnerability/CVE-2024-12798	WEB
	https://osv.dev/vulnerability/CVE-2024-12801	WEB
	https://osv.dev/vulnerability/CVE-2024-13009	WEB
	https://osv.dev/vulnerability/CVE-2024-21634	WEB
	https://osv.dev/vulnerability/CVE-2024-25638	WEB
	https://osv.dev/vulnerability/CVE-2024-27137	WEB
	https://osv.dev/vulnerability/CVE-2024-29025	WEB
	https://osv.dev/vulnerability/CVE-2024-35255	WEB
	https://osv.dev/vulnerability/CVE-2024-40094	WEB
	https://osv.dev/vulnerability/CVE-2024-47535	WEB
	https://osv.dev/vulnerability/CVE-2024-47554	WEB
	https://osv.dev/vulnerability/CVE-2024-52046	WEB
	https://osv.dev/vulnerability/CVE-2024-6763	WEB
	https://osv.dev/vulnerability/CVE-2024-7254	WEB
	https://osv.dev/vulnerability/CVE-2024-8184	WEB
	https://osv.dev/vulnerability/CVE-2024-9823	WEB
	https://osv.dev/vulnerability/CVE-2025-23015	WEB
	https://osv.dev/vulnerability/CVE-2025-24860	WEB
	https://osv.dev/vulnerability/CVE-2025-24970	WEB
	https://osv.dev/vulnerability/CVE-2025-25193	WEB
	https://osv.dev/vulnerability/CVE-2025-46392	WEB
	https://osv.dev/vulnerability/CVE-2025-48734	WEB
	https://osv.dev/vulnerability/CVE-2025-48924	WEB
	https://osv.dev/vulnerability/CVE-2025-53864	WEB
	https://osv.dev/vulnerability/CVE-2025-55163	WEB
	https://osv.dev/vulnerability/CVE-2025-58056	WEB
	https://osv.dev/vulnerability/CVE-2025-58057	WEB
	https://osv.dev/vulnerability/CVE-2025-59419	WEB
	https://osv.dev/vulnerability/CVE-2025-67735	WEB
	https://osv.dev/vulnerability/CVE-2026-1225	WEB
	https://osv.dev/vulnerability/CVE-2026-33870	WEB
	https://osv.dev/vulnerability/CVE-2026-33871	WEB
	https://osv.dev/vulnerability/ghsa-25qh-j22f-pwp8	WEB
	https://osv.dev/vulnerability/ghsa-264p-99wq-f4j6	WEB
	https://osv.dev/vulnerability/ghsa-269q-hmxg-m83q	WEB
	https://osv.dev/vulnerability/ghsa-389x-839f-4rhx	WEB
	https://osv.dev/vulnerability/ghsa-3p8m-j85q-pgmj	WEB
	https://osv.dev/vulnerability/ghsa-493p-pfq6-5258	WEB
	https://osv.dev/vulnerability/ghsa-4g8c-wm8x-jfhw	WEB
	https://osv.dev/vulnerability/ghsa-4gg5-vx3j-xwc7	WEB
	https://osv.dev/vulnerability/ghsa-55g7-9cwv-5qfv	WEB
	https://osv.dev/vulnerability/ghsa-5jpm-x58v-624v	WEB
	https://osv.dev/vulnerability/ghsa-5mg8-w23w-74h3	WEB
	https://osv.dev/vulnerability/ghsa-6mjq-h674-j845	WEB
	https://osv.dev/vulnerability/ghsa-6v67-2wr5-gvf4	WEB
	https://osv.dev/vulnerability/ghsa-735f-pc8j-v9w8	WEB
	https://osv.dev/vulnerability/ghsa-76h9-2vwh-w278	WEB
	https://osv.dev/vulnerability/ghsa-78wr-2p64-hpwj	WEB
	https://osv.dev/vulnerability/ghsa-7g45-4rm6-3mm3	WEB
	https://osv.dev/vulnerability/ghsa-84h7-rjj3-6jx4	WEB
	https://osv.dev/vulnerability/ghsa-cfxw-4h78-h7fw	WEB
	https://osv.dev/vulnerability/ghsa-fghv-69vj-qj49	WEB
	https://osv.dev/vulnerability/ghsa-fjpj-2g6w-x25r	WEB
	https://osv.dev/vulnerability/ghsa-fx2c-96vj-985v	WEB
	https://osv.dev/vulnerability/ghsa-g5ww-5jh7-63cx	WEB
	https://osv.dev/vulnerability/ghsa-g8m5-722r-8whq	WEB
	https://osv.dev/vulnerability/ghsa-gvpg-vgmx-xg6w	WEB
	https://osv.dev/vulnerability/ghsa-h4h5-3hr4-j3g2	WEB
	https://osv.dev/vulnerability/ghsa-h9mq-f6q5-6c8m	WEB
	https://osv.dev/vulnerability/ghsa-j26w-f9rq-mr2q	WEB
	https://osv.dev/vulnerability/ghsa-j288-q9x7-2f5v	WEB
	https://osv.dev/vulnerability/ghsa-jq43-27x9-3v86	WEB
	https://osv.dev/vulnerability/ghsa-mvr2-9pj6-7w5j	WEB
	https://osv.dev/vulnerability/ghsa-pqr6-cmr2-h8hf	WEB
	https://osv.dev/vulnerability/ghsa-pr98-23f8-jwxv	WEB
	https://osv.dev/vulnerability/ghsa-prj3-ccx8-p6x4	WEB
	https://osv.dev/vulnerability/ghsa-q4rv-gq96-w7c5	WEB
	https://osv.dev/vulnerability/ghsa-qcwq-55hx-v3vh	WEB
	https://osv.dev/vulnerability/ghsa-qqpg-mvqg-649v	WEB
	https://osv.dev/vulnerability/ghsa-wxr5-93ph-8wr9	WEB
	https://osv.dev/vulnerability/ghsa-xpw8-rcwv-8f8p	WEB
	https://osv.dev/vulnerability/ghsa-xq3w-v528-46rv	WEB
	https://osv.dev/vulnerability/ghsa-xwmg-2g98-w7v9	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2018-10237	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-8908	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-41973	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-24823	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-3171	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-3509	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-3510	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-41881	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-1370	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-2976	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-34453	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-34454	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-34455	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-34462	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-43642	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-44487	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-52428	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-12798	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-12801	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-13009	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-21634	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-25638	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-27137	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-29025	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-35255	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-40094	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-47535	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-47554	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-52046	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-6763	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-7254	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-8184	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-9823	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-23015	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-24860	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-24970	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-25193	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-46392	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-48734	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-48924	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-53864	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-55163	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-58056	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-58057	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-59419	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-67735	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-1225	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-33870	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-33871	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "stargate"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.0.91-r1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the stargate package. These issues are resolved in later releases. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-VH41554",
  "modified": "2026-04-03T09:17:16Z",
  "published": "2026-04-06T02:48:54.465143Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-VH41554.json"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-10237"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-8908"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-41973"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-24823"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3171"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3509"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-3510"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-41881"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-1370"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-2976"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-34453"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-34454"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-34455"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-34462"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-43642"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-44487"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-52428"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-12798"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-12801"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-13009"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-21634"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-25638"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-27137"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-29025"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-35255"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-40094"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-47535"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-47554"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-52046"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-6763"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-7254"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-8184"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-9823"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-23015"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-24860"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-24970"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-25193"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-46392"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-48734"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-48924"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-53864"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-55163"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-58056"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-58057"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-59419"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-67735"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-1225"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-33870"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-33871"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-25qh-j22f-pwp8"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-264p-99wq-f4j6"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-269q-hmxg-m83q"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-389x-839f-4rhx"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-3p8m-j85q-pgmj"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-493p-pfq6-5258"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-4g8c-wm8x-jfhw"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-4gg5-vx3j-xwc7"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-55g7-9cwv-5qfv"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-5jpm-x58v-624v"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-5mg8-w23w-74h3"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-6mjq-h674-j845"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-6v67-2wr5-gvf4"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-735f-pc8j-v9w8"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-76h9-2vwh-w278"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-78wr-2p64-hpwj"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-7g45-4rm6-3mm3"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-84h7-rjj3-6jx4"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-cfxw-4h78-h7fw"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-fghv-69vj-qj49"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-fjpj-2g6w-x25r"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-fx2c-96vj-985v"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-g5ww-5jh7-63cx"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-g8m5-722r-8whq"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-gvpg-vgmx-xg6w"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-h4h5-3hr4-j3g2"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-h9mq-f6q5-6c8m"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-j26w-f9rq-mr2q"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-j288-q9x7-2f5v"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-jq43-27x9-3v86"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-mvr2-9pj6-7w5j"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-pqr6-cmr2-h8hf"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-pr98-23f8-jwxv"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-prj3-ccx8-p6x4"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-q4rv-gq96-w7c5"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-qcwq-55hx-v3vh"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-qqpg-mvqg-649v"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-wxr5-93ph-8wr9"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-xpw8-rcwv-8f8p"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-xq3w-v528-46rv"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-xwmg-2g98-w7v9"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10237"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41973"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24823"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3509"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3510"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34453"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34454"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34455"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34462"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43642"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12798"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12801"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-13009"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21634"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25638"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27137"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35255"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40094"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47535"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52046"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6763"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7254"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8184"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9823"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23015"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24860"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24970"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25193"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46392"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48924"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53864"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55163"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58056"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58057"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59419"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67735"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1225"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33870"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "summary": "Security fixes for CVE-2018-10237, CVE-2020-8908, CVE-2021-41973, CVE-2022-24823, CVE-2022-3171, CVE-2022-3509, CVE-2022-3510, CVE-2022-41881, CVE-2023-1370, CVE-2023-2976, CVE-2023-34453, CVE-2023-34454, CVE-2023-34455, CVE-2023-34462, CVE-2023-43642, CVE-2023-44487, CVE-2023-52428, CVE-2024-12798, CVE-2024-12801, CVE-2024-13009, CVE-2024-21634, CVE-2024-25638, CVE-2024-27137, CVE-2024-29025, CVE-2024-35255, CVE-2024-40094, CVE-2024-47535, CVE-2024-47554, CVE-2024-52046, CVE-2024-6763, CVE-2024-7254, CVE-2024-8184, CVE-2024-9823, CVE-2025-23015, CVE-2025-24860, CVE-2025-24970, CVE-2025-25193, CVE-2025-46392, CVE-2025-48734, CVE-2025-48924, CVE-2025-53864, CVE-2025-55163, CVE-2025-58056, CVE-2025-58057, CVE-2025-59419, CVE-2025-67735, CVE-2026-1225, CVE-2026-33870, CVE-2026-33871, ghsa-25qh-j22f-pwp8, ghsa-264p-99wq-f4j6, ghsa-269q-hmxg-m83q, ghsa-389x-839f-4rhx, ghsa-3p8m-j85q-pgmj, ghsa-493p-pfq6-5258, ghsa-4g8c-wm8x-jfhw, ghsa-4gg5-vx3j-xwc7, ghsa-55g7-9cwv-5qfv, ghsa-5jpm-x58v-624v, ghsa-5mg8-w23w-74h3, ghsa-6mjq-h674-j845, ghsa-6v67-2wr5-gvf4, ghsa-735f-pc8j-v9w8, ghsa-76h9-2vwh-w278, ghsa-78wr-2p64-hpwj, ghsa-7g45-4rm6-3mm3, ghsa-84h7-rjj3-6jx4, ghsa-cfxw-4h78-h7fw, ghsa-fghv-69vj-qj49, ghsa-fjpj-2g6w-x25r, ghsa-fx2c-96vj-985v, ghsa-g5ww-5jh7-63cx, ghsa-g8m5-722r-8whq, ghsa-gvpg-vgmx-xg6w, ghsa-h4h5-3hr4-j3g2, ghsa-h9mq-f6q5-6c8m, ghsa-j26w-f9rq-mr2q, ghsa-j288-q9x7-2f5v, ghsa-jq43-27x9-3v86, ghsa-mvr2-9pj6-7w5j, ghsa-pqr6-cmr2-h8hf, ghsa-pr98-23f8-jwxv, ghsa-prj3-ccx8-p6x4, ghsa-q4rv-gq96-w7c5, ghsa-qcwq-55hx-v3vh, ghsa-qqpg-mvqg-649v, ghsa-wxr5-93ph-8wr9, ghsa-xpw8-rcwv-8f8p, ghsa-xq3w-v528-46rv, ghsa-xwmg-2g98-w7v9 applied in versions: 1.0.90-r4, 1.0.91-r0, 1.0.91-r1",
  "upstream": [
    "CVE-2018-10237",
    "CVE-2020-8908",
    "CVE-2021-41973",
    "CVE-2022-24823",
    "CVE-2022-3171",
    "CVE-2022-3509",
    "CVE-2022-3510",
    "CVE-2022-41881",
    "CVE-2023-1370",
    "CVE-2023-2976",
    "CVE-2023-34453",
    "CVE-2023-34454",
    "CVE-2023-34455",
    "CVE-2023-34462",
    "CVE-2023-43642",
    "CVE-2023-44487",
    "CVE-2023-52428",
    "CVE-2024-12798",
    "CVE-2024-12801",
    "CVE-2024-13009",
    "CVE-2024-21634",
    "CVE-2024-25638",
    "CVE-2024-27137",
    "CVE-2024-29025",
    "CVE-2024-35255",
    "CVE-2024-40094",
    "CVE-2024-47535",
    "CVE-2024-47554",
    "CVE-2024-52046",
    "CVE-2024-6763",
    "CVE-2024-7254",
    "CVE-2024-8184",
    "CVE-2024-9823",
    "CVE-2025-23015",
    "CVE-2025-24860",
    "CVE-2025-24970",
    "CVE-2025-25193",
    "CVE-2025-46392",
    "CVE-2025-48734",
    "CVE-2025-48924",
    "CVE-2025-53864",
    "CVE-2025-55163",
    "CVE-2025-58056",
    "CVE-2025-58057",
    "CVE-2025-59419",
    "CVE-2025-67735",
    "CVE-2026-1225",
    "CVE-2026-33870",
    "CVE-2026-33871",
    "ghsa-25qh-j22f-pwp8",
    "ghsa-264p-99wq-f4j6",
    "ghsa-269q-hmxg-m83q",
    "ghsa-389x-839f-4rhx",
    "ghsa-3p8m-j85q-pgmj",
    "ghsa-493p-pfq6-5258",
    "ghsa-4g8c-wm8x-jfhw",
    "ghsa-4gg5-vx3j-xwc7",
    "ghsa-55g7-9cwv-5qfv",
    "ghsa-5jpm-x58v-624v",
    "ghsa-5mg8-w23w-74h3",
    "ghsa-6mjq-h674-j845",
    "ghsa-6v67-2wr5-gvf4",
    "ghsa-735f-pc8j-v9w8",
    "ghsa-76h9-2vwh-w278",
    "ghsa-78wr-2p64-hpwj",
    "ghsa-7g45-4rm6-3mm3",
    "ghsa-84h7-rjj3-6jx4",
    "ghsa-cfxw-4h78-h7fw",
    "ghsa-fghv-69vj-qj49",
    "ghsa-fjpj-2g6w-x25r",
    "ghsa-fx2c-96vj-985v",
    "ghsa-g5ww-5jh7-63cx",
    "ghsa-g8m5-722r-8whq",
    "ghsa-gvpg-vgmx-xg6w",
    "ghsa-h4h5-3hr4-j3g2",
    "ghsa-h9mq-f6q5-6c8m",
    "ghsa-j26w-f9rq-mr2q",
    "ghsa-j288-q9x7-2f5v",
    "ghsa-jq43-27x9-3v86",
    "ghsa-mvr2-9pj6-7w5j",
    "ghsa-pqr6-cmr2-h8hf",
    "ghsa-pr98-23f8-jwxv",
    "ghsa-prj3-ccx8-p6x4",
    "ghsa-q4rv-gq96-w7c5",
    "ghsa-qcwq-55hx-v3vh",
    "ghsa-qqpg-mvqg-649v",
    "ghsa-wxr5-93ph-8wr9",
    "ghsa-xpw8-rcwv-8f8p",
    "ghsa-xq3w-v528-46rv",
    "ghsa-xwmg-2g98-w7v9"
  ]
}

CNVD-2018-10064

Vulnerability from cnvd - Published: 2018-05-22

Title

Google Guava无限内存分配漏洞

Description

Google Guava是美国谷歌（Google）公司开发的一款包括图形库、函数类型、I/O和字符串处理等的Java核心库。 Google Guava 11.0版本至24.1.1版本（不包括24.1.1版本）中存在安全漏洞，该漏洞源于程序未能正确的检测客户端发送的内容及数据大小是否合理。远程攻击者可利用该漏洞造成拒绝服务。

Severity

中

Patch Name

Google Guava无限内存分配漏洞的补丁

Patch Description

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://groups.google.com/forum/#!topic/guava-announce/xqWALw4W1vs/discussion

Reference

https://groups.google.com/forum/#!topic/guava-announce/xqWALw4W1vs/discussion

Impacted products

Name
Google Guava 11.0 - 24.x (<24.1.1)

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-10237"
    }
  },
  "description": "Google Guava\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u5f00\u53d1\u7684\u4e00\u6b3e\u5305\u62ec\u56fe\u5f62\u5e93\u3001\u51fd\u6570\u7c7b\u578b\u3001I/O\u548c\u5b57\u7b26\u4e32\u5904\u7406\u7b49\u7684Java\u6838\u5fc3\u5e93\u3002\r\n\r\nGoogle Guava 11.0\u7248\u672c\u81f324.1.1\u7248\u672c\uff08\u4e0d\u5305\u62ec24.1.1\u7248\u672c\uff09\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u7684\u68c0\u6d4b\u5ba2\u6237\u7aef\u53d1\u9001\u7684\u5185\u5bb9\u53ca\u6570\u636e\u5927\u5c0f\u662f\u5426\u5408\u7406\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "unknwon",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://groups.google.com/forum/#!topic/guava-announce/xqWALw4W1vs/discussion",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-10064",
  "openTime": "2018-05-22",
  "patchDescription": "Google Guava\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u5f00\u53d1\u7684\u4e00\u6b3e\u5305\u62ec\u56fe\u5f62\u5e93\u3001\u51fd\u6570\u7c7b\u578b\u3001I/O\u548c\u5b57\u7b26\u4e32\u5904\u7406\u7b49\u7684Java\u6838\u5fc3\u5e93\u3002\r\n\r\nGoogle Guava 11.0\u7248\u672c\u81f324.1.1\u7248\u672c\uff08\u4e0d\u5305\u62ec24.1.1\u7248\u672c\uff09\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u7684\u68c0\u6d4b\u5ba2\u6237\u7aef\u53d1\u9001\u7684\u5185\u5bb9\u53ca\u6570\u636e\u5927\u5c0f\u662f\u5426\u5408\u7406\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Google Guava\u65e0\u9650\u5185\u5b58\u5206\u914d\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Google Guava 11.0 - 24.x (\u003c24.1.1)"
  },
  "referenceLink": "https://groups.google.com/forum/#!topic/guava-announce/xqWALw4W1vs/discussion",
  "serverity": "\u4e2d",
  "submitTime": "2018-04-27",
  "title": "Google Guava\u65e0\u9650\u5185\u5b58\u5206\u914d\u6f0f\u6d1e"
}

FKIE_CVE-2018-10237

Vulnerability from fkie_nvd - Published: 2018-04-26 21:29 - Updated: 2024-11-21 03:41

Severity

5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
cve@mitre.org	http://www.securitytracker.com/id/1041707	Broken Link
cve@mitre.org	https://access.redhat.com/errata/RHSA-2018:2423	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2018:2424	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2018:2425	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2018:2428	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2018:2598	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2018:2643	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2018:2740	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2018:2741	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2018:2742	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2018:2743	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2018:2927	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2019:2858	Third Party Advisory
cve@mitre.org	https://access.redhat.com/errata/RHSA-2019:3149	Third Party Advisory
cve@mitre.org	https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion	Vendor Advisory
cve@mitre.org	https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/19fa48533bc7ea1accf6b12746a74ed888ae6e49a5cf81ae4f807495%40%3Ccommon-dev.hadoop.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/33c6bccfeb7adf644d4d79894ca8f09370be6ed4b20632c2e228d085%40%3Ccommits.cassandra.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/3d5dbdd92ac9ceaef90e40f78599f9109f2f345252e0ac9d98e7e084%40%3Cgitbox.activemq.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/3ddd79c801edd99c0978e83dbe2168ebd36fd42acfa5dac38fb03dd6%40%3Cissues.activemq.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/cc48fe770c45a74dc3b37ed0817393e0c96701fc49bc431ed922f3cc%40%3Chdfs-dev.hadoop.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cdev.flink.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cuser.flink.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/r223bc776a077d0795786c38cbc6e7dd808fce1a9161b00ba9c0a5d55%40%3Cissues.lucene.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/r22c8173b804cd4a420c43064ba4e363d0022aa421008b1989f7354d4%40%3Cissues.flink.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/r27eb79a87a760335226dbfa6a7b7bffea539a535f8e80c41e482106d%40%3Cdev.cxf.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/r2ea4e5e5aa8ad73b001a466c582899620961f47d77a40af712c1fdf9%40%3Cdev.cxf.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/r30e7d7b6bfa630dacc41649a0e96dad75165d50474c1241068aa0f94%40%3Cissues.storm.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21%40%3Ccommits.samza.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/r38e2ab87528d3c904e7fac496e8fd766b9277656ff95b97d6b6b6dcd%40%3Cdev.cxf.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/r43491b25b2e5c368c34b106a82eff910a5cea3e90de82ad75cc16540%40%3Cdev.syncope.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/r50fc0bcc734dd82e691d36d209258683141bfc0083739a77e56ad92d%40%3Cdev.flink.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/r95799427b335807a4c54776908125c3e66597b65845ae50096d9278a%40%3Cdev.cxf.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b%40%3Cusers.kafka.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/ra4f44016926dcb034b3b230280a18102062f94ae55b8a31bb92fed84%40%3Cissues.lucene.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/ra8906723927aef2a599398c238eacfc845b74d812e0093ec2fc70a7d%40%3Cissues.flink.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/rb3da574c34bc6bd37972d2266af3093b90d7e437460423c24f477919%40%3Cissues.lucene.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/rc78f6e84f82cc662860e96526d8ab969f34dbe12dc560e22d9d147a3%40%3Cdev.cxf.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/rc8467f357b943ceaa86f289f8bc1a5d1c7955b75d3bac1426f2d4ac1%40%3Ccommon-dev.hadoop.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/rd0c8ec6e044aa2958dd0549ebf8ecead7f5968c9474ba73a504161b2%40%3Cdev.cxf.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/rdc56c15693c236e31e1e95f847b8e5e74fc0a05741d47488e7fc8c45%40%3Cissues.flink.apache.org%3E
cve@mitre.org	https://security.netapp.com/advisory/ntap-20220629-0008/
cve@mitre.org	https://www.oracle.com/security-alerts/cpuapr2020.html	Patch, Third Party Advisory
cve@mitre.org	https://www.oracle.com/security-alerts/cpujan2021.html	Patch, Third Party Advisory
cve@mitre.org	https://www.oracle.com/security-alerts/cpujul2020.html	Patch, Third Party Advisory
cve@mitre.org	https://www.oracle.com/security-alerts/cpuoct2021.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1041707	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:2423	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:2424	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:2425	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:2428	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:2598	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:2643	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:2740	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:2741	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:2742	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:2743	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:2927	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2019:2858	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2019:3149	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/19fa48533bc7ea1accf6b12746a74ed888ae6e49a5cf81ae4f807495%40%3Ccommon-dev.hadoop.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/33c6bccfeb7adf644d4d79894ca8f09370be6ed4b20632c2e228d085%40%3Ccommits.cassandra.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/3d5dbdd92ac9ceaef90e40f78599f9109f2f345252e0ac9d98e7e084%40%3Cgitbox.activemq.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/3ddd79c801edd99c0978e83dbe2168ebd36fd42acfa5dac38fb03dd6%40%3Cissues.activemq.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/cc48fe770c45a74dc3b37ed0817393e0c96701fc49bc431ed922f3cc%40%3Chdfs-dev.hadoop.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cdev.flink.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cuser.flink.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r223bc776a077d0795786c38cbc6e7dd808fce1a9161b00ba9c0a5d55%40%3Cissues.lucene.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r22c8173b804cd4a420c43064ba4e363d0022aa421008b1989f7354d4%40%3Cissues.flink.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r27eb79a87a760335226dbfa6a7b7bffea539a535f8e80c41e482106d%40%3Cdev.cxf.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r2ea4e5e5aa8ad73b001a466c582899620961f47d77a40af712c1fdf9%40%3Cdev.cxf.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r30e7d7b6bfa630dacc41649a0e96dad75165d50474c1241068aa0f94%40%3Cissues.storm.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21%40%3Ccommits.samza.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r38e2ab87528d3c904e7fac496e8fd766b9277656ff95b97d6b6b6dcd%40%3Cdev.cxf.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r43491b25b2e5c368c34b106a82eff910a5cea3e90de82ad75cc16540%40%3Cdev.syncope.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r50fc0bcc734dd82e691d36d209258683141bfc0083739a77e56ad92d%40%3Cdev.flink.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r95799427b335807a4c54776908125c3e66597b65845ae50096d9278a%40%3Cdev.cxf.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b%40%3Cusers.kafka.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/ra4f44016926dcb034b3b230280a18102062f94ae55b8a31bb92fed84%40%3Cissues.lucene.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/ra8906723927aef2a599398c238eacfc845b74d812e0093ec2fc70a7d%40%3Cissues.flink.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rb3da574c34bc6bd37972d2266af3093b90d7e437460423c24f477919%40%3Cissues.lucene.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rc78f6e84f82cc662860e96526d8ab969f34dbe12dc560e22d9d147a3%40%3Cdev.cxf.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rc8467f357b943ceaa86f289f8bc1a5d1c7955b75d3bac1426f2d4ac1%40%3Ccommon-dev.hadoop.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rd0c8ec6e044aa2958dd0549ebf8ecead7f5968c9474ba73a504161b2%40%3Cdev.cxf.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rdc56c15693c236e31e1e95f847b8e5e74fc0a05741d47488e7fc8c45%40%3Cissues.flink.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20220629-0008/
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpuapr2020.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpujan2021.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpujul2020.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpuoct2021.html	Patch, Third Party Advisory

Impacted products

Vendor	Product	Version
google	guava	*
redhat	openshift_container_platform	3.11
redhat	openstack	13
redhat	satellite	6.4
redhat	satellite_capsule	6.4
redhat	virtualization	4.2
redhat	virtualization_host	4.0
redhat	jboss_enterprise_application_platform	6.0.0
redhat	jboss_enterprise_application_platform	6.4.0
redhat	jboss_enterprise_application_platform	7.1.0
redhat	openshift_container_platform	4.1
redhat	virtualization	4.0
redhat	virtualization_host	4.0
redhat	enterprise_linux	7.0
redhat	jboss_enterprise_application_platform	6.0.0
redhat	jboss_enterprise_application_platform	6.4.0
redhat	enterprise_linux	5.0
redhat	jboss_enterprise_application_platform	6.0.0
redhat	jboss_enterprise_application_platform	6.4.0
redhat	jboss_enterprise_application_platform	7.1.0
redhat	enterprise_linux	6.0
oracle	banking_payments	*
oracle	communications_ip_service_activator	7.3.0
oracle	communications_ip_service_activator	7.4.0
oracle	customer_management_and_segmentation_foundation	18.0
oracle	database_server	12.2.0.1
oracle	database_server	18c
oracle	database_server	19c
oracle	flexcube_investor_servicing	12.1.0
oracle	flexcube_investor_servicing	12.3.0
oracle	flexcube_investor_servicing	12.4.0
oracle	flexcube_investor_servicing	14.0.0
oracle	flexcube_investor_servicing	14.1.0
oracle	flexcube_private_banking	12.0.0
oracle	flexcube_private_banking	12.1.0
oracle	retail_integration_bus	15.0
oracle	retail_integration_bus	16.0
oracle	retail_xstore_point_of_service	7.1
oracle	retail_xstore_point_of_service	15.0
oracle	retail_xstore_point_of_service	16.0
oracle	retail_xstore_point_of_service	17.0
oracle	weblogic_server	12.2.1.3.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:google:guava:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FD69F7A-64FF-4993-8DB5-072403998803",
              "versionEndExcluding": "24.1.1",
              "versionStartIncluding": "11.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F87326E-0B56-4356-A889-73D026DB1D4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*",
              "matchCriteriaId": "704CFA1A-953E-4105-BFBE-406034B83DED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:satellite:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB283C80-F7AF-4776-8432-655E50D7D65B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:satellite_capsule:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "461407B5-C167-4DE1-A934-FD5ADFB4AD4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:virtualization:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8C66E6D-8AD2-4709-BD18-ED9EAF9D8546",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB28F9AF-3D06-4532-B397-96D7E4792503",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B142ACCC-F7A9-4A3B-BE60-0D6691D5058D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1ABA871-3271-48E2-A69C-5AD70AF94E53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "868C0845-F25C-487F-A697-72917BE9D78E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "064E7BDD-4EF0-4A0D-A38D-8C75BAFEDCEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB28F9AF-3D06-4532-B397-96D7E4792503",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B142ACCC-F7A9-4A3B-BE60-0D6691D5058D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1ABA871-3271-48E2-A69C-5AD70AF94E53",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B142ACCC-F7A9-4A3B-BE60-0D6691D5058D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1ABA871-3271-48E2-A69C-5AD70AF94E53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "868C0845-F25C-487F-A697-72917BE9D78E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:banking_payments:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF46C9A-7768-4E52-A676-BEA6AE766AD4",
              "versionEndIncluding": "14.4.0",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_ip_service_activator:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE48E0FE-5931-441C-B4FF-253BD9C48186",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE7A60DB-A287-4E61-8131-B6314007191B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "727DF4F5-3D21-491E-96B9-EC973A6C9C18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:database_server:12.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C614BA7-7103-4ED7-ADD0-56064FE256A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:database_server:18c:*:*:*:*:*:*:*",
              "matchCriteriaId": "6833701E-5510-4180-9523-9CFD318DEE6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:database_server:19c:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2204841-585F-40C7-A1D9-C34E612808CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "21BE77B2-6368-470E-B9E6-21664D9A818A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3250073F-325A-4AFC-892F-F2005E3854A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DDDC9C2-33D6-4123-9ABC-C9B809A6E88E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:flexcube_investor_servicing:14.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "991A279B-9D7C-4E39-8827-BC21C2C03B83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:flexcube_investor_servicing:14.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A69266D2-72D0-4A6C-883D-2597FE30931B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6762F207-93C7-4363-B2F9-7A7C6F8AF993",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B74B912-152D-4F38-9FC1-741D6D0B27FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "42064F46-3012-4FB1-89BA-F13C2E4CBB6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_integration_bus:16.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F73E2EFA-0F43-4D92-8C7D-9E66811B76D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0ED83E3-E6BF-4EAA-AF8F-33485A88A218",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "11DA6839-849D-4CEF-85F3-38FE75E07183",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCE78490-A4BE-40BD-8C72-0A4526BBD4A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "55AE3629-4A66-49E4-A33D-6D81CC94962F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F14A818F-AA16-4438-A3E4-E64C9287AC66",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable."
    },
    {
      "lang": "es",
      "value": "Asignaci\u00f3n de memoria sin restringir en Google Guava 11.0 hasta las versiones 24.x anteriores a la 24.1.1 permite que los atacantes remotos realicen ataques de denegaci\u00f3n de servicio (DoS) contra servidores que dependen de esta librer\u00eda y que deserialicen datos proporcionados por dichos atacantes debido a que la clase AtomicDoubleArray (cuando se serializa con serializaci\u00f3n Java) y la clase CompoundOrdering (cuando se serializa con serializaci\u00f3n GWT) realiza una asignaci\u00f3n sin comprobar adecuadamente lo que ha enviado un cliente y si el tama\u00f1o de los datos es razonable."
    }
  ],
  "id": "CVE-2018-10237",
  "lastModified": "2024-11-21T03:41:04.663",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-26T21:29:00.230",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.securitytracker.com/id/1041707"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2423"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2424"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2425"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2428"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2598"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2643"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2740"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2741"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2742"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2743"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2927"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:2858"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:3149"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/19fa48533bc7ea1accf6b12746a74ed888ae6e49a5cf81ae4f807495%40%3Ccommon-dev.hadoop.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/33c6bccfeb7adf644d4d79894ca8f09370be6ed4b20632c2e228d085%40%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/3d5dbdd92ac9ceaef90e40f78599f9109f2f345252e0ac9d98e7e084%40%3Cgitbox.activemq.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/3ddd79c801edd99c0978e83dbe2168ebd36fd42acfa5dac38fb03dd6%40%3Cissues.activemq.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/cc48fe770c45a74dc3b37ed0817393e0c96701fc49bc431ed922f3cc%40%3Chdfs-dev.hadoop.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cdev.flink.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cuser.flink.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/r223bc776a077d0795786c38cbc6e7dd808fce1a9161b00ba9c0a5d55%40%3Cissues.lucene.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/r22c8173b804cd4a420c43064ba4e363d0022aa421008b1989f7354d4%40%3Cissues.flink.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/r27eb79a87a760335226dbfa6a7b7bffea539a535f8e80c41e482106d%40%3Cdev.cxf.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/r2ea4e5e5aa8ad73b001a466c582899620961f47d77a40af712c1fdf9%40%3Cdev.cxf.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/r30e7d7b6bfa630dacc41649a0e96dad75165d50474c1241068aa0f94%40%3Cissues.storm.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21%40%3Ccommits.samza.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/r38e2ab87528d3c904e7fac496e8fd766b9277656ff95b97d6b6b6dcd%40%3Cdev.cxf.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/r43491b25b2e5c368c34b106a82eff910a5cea3e90de82ad75cc16540%40%3Cdev.syncope.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/r50fc0bcc734dd82e691d36d209258683141bfc0083739a77e56ad92d%40%3Cdev.flink.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/r95799427b335807a4c54776908125c3e66597b65845ae50096d9278a%40%3Cdev.cxf.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b%40%3Cusers.kafka.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/ra4f44016926dcb034b3b230280a18102062f94ae55b8a31bb92fed84%40%3Cissues.lucene.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/ra8906723927aef2a599398c238eacfc845b74d812e0093ec2fc70a7d%40%3Cissues.flink.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/rb3da574c34bc6bd37972d2266af3093b90d7e437460423c24f477919%40%3Cissues.lucene.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/rc78f6e84f82cc662860e96526d8ab969f34dbe12dc560e22d9d147a3%40%3Cdev.cxf.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/rc8467f357b943ceaa86f289f8bc1a5d1c7955b75d3bac1426f2d4ac1%40%3Ccommon-dev.hadoop.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/rd0c8ec6e044aa2958dd0549ebf8ecead7f5968c9474ba73a504161b2%40%3Cdev.cxf.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/rdc56c15693c236e31e1e95f847b8e5e74fc0a05741d47488e7fc8c45%40%3Cissues.flink.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://security.netapp.com/advisory/ntap-20220629-0008/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.securitytracker.com/id/1041707"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2423"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2424"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2425"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2428"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2598"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2643"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2740"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2741"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2742"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2743"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2927"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:2858"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:3149"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/19fa48533bc7ea1accf6b12746a74ed888ae6e49a5cf81ae4f807495%40%3Ccommon-dev.hadoop.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/33c6bccfeb7adf644d4d79894ca8f09370be6ed4b20632c2e228d085%40%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/3d5dbdd92ac9ceaef90e40f78599f9109f2f345252e0ac9d98e7e084%40%3Cgitbox.activemq.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/3ddd79c801edd99c0978e83dbe2168ebd36fd42acfa5dac38fb03dd6%40%3Cissues.activemq.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/cc48fe770c45a74dc3b37ed0817393e0c96701fc49bc431ed922f3cc%40%3Chdfs-dev.hadoop.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cdev.flink.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cuser.flink.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r223bc776a077d0795786c38cbc6e7dd808fce1a9161b00ba9c0a5d55%40%3Cissues.lucene.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r22c8173b804cd4a420c43064ba4e363d0022aa421008b1989f7354d4%40%3Cissues.flink.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r27eb79a87a760335226dbfa6a7b7bffea539a535f8e80c41e482106d%40%3Cdev.cxf.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r2ea4e5e5aa8ad73b001a466c582899620961f47d77a40af712c1fdf9%40%3Cdev.cxf.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r30e7d7b6bfa630dacc41649a0e96dad75165d50474c1241068aa0f94%40%3Cissues.storm.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21%40%3Ccommits.samza.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r38e2ab87528d3c904e7fac496e8fd766b9277656ff95b97d6b6b6dcd%40%3Cdev.cxf.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r43491b25b2e5c368c34b106a82eff910a5cea3e90de82ad75cc16540%40%3Cdev.syncope.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r50fc0bcc734dd82e691d36d209258683141bfc0083739a77e56ad92d%40%3Cdev.flink.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r95799427b335807a4c54776908125c3e66597b65845ae50096d9278a%40%3Cdev.cxf.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b%40%3Cusers.kafka.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/ra4f44016926dcb034b3b230280a18102062f94ae55b8a31bb92fed84%40%3Cissues.lucene.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/ra8906723927aef2a599398c238eacfc845b74d812e0093ec2fc70a7d%40%3Cissues.flink.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rb3da574c34bc6bd37972d2266af3093b90d7e437460423c24f477919%40%3Cissues.lucene.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rc78f6e84f82cc662860e96526d8ab969f34dbe12dc560e22d9d147a3%40%3Cdev.cxf.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rc8467f357b943ceaa86f289f8bc1a5d1c7955b75d3bac1426f2d4ac1%40%3Ccommon-dev.hadoop.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rd0c8ec6e044aa2958dd0549ebf8ecead7f5968c9474ba73a504161b2%40%3Cdev.cxf.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rdc56c15693c236e31e1e95f847b8e5e74fc0a05741d47488e7fc8c45%40%3Cissues.flink.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.netapp.com/advisory/ntap-20220629-0008/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-MVR2-9PJ6-7W5J

Vulnerability from github – Published: 2020-06-15 20:35 – Updated: 2023-09-07 22:25

Summary

Denial of Service in Google Guava

Details

Severity

5.9 (Medium)


                  
                    CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.google.guava:guava"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "11.0"
            },
            {
              "fixed": "24.1.1-android"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.google.guava:guava-jdk5"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "17.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.googlecode.guava-osgi:guava-osgi"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "11.0.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "de.mhus.ports:vaadin-shared-deps"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "7.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.hudsonci.lib.guava:guava"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "14.0.1-h-3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.sonatype.sisu:sisu-guava"
      },
      "versions": [
        "0.11.1"
      ]
    }
  ],
  "aliases": [
    "CVE-2018-10237"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502",
      "CWE-770"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-11T18:34:57Z",
    "nvd_published_at": "2018-04-26T21:29:00Z",
    "severity": "MODERATE"
  },
  "details": "Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.",
  "id": "GHSA-mvr2-9pj6-7w5j",
  "modified": "2023-09-07T22:25:36Z",
  "published": "2020-06-15T20:35:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10237"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2423"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r223bc776a077d0795786c38cbc6e7dd808fce1a9161b00ba9c0a5d55@%3Cissues.lucene.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r22c8173b804cd4a420c43064ba4e363d0022aa421008b1989f7354d4@%3Cissues.flink.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r27eb79a87a760335226dbfa6a7b7bffea539a535f8e80c41e482106d@%3Cdev.cxf.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r2ea4e5e5aa8ad73b001a466c582899620961f47d77a40af712c1fdf9@%3Cdev.cxf.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r30e7d7b6bfa630dacc41649a0e96dad75165d50474c1241068aa0f94@%3Cissues.storm.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21@%3Ccommits.samza.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r38e2ab87528d3c904e7fac496e8fd766b9277656ff95b97d6b6b6dcd@%3Cdev.cxf.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r43491b25b2e5c368c34b106a82eff910a5cea3e90de82ad75cc16540@%3Cdev.syncope.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r50fc0bcc734dd82e691d36d209258683141bfc0083739a77e56ad92d@%3Cdev.flink.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r95799427b335807a4c54776908125c3e66597b65845ae50096d9278a@%3Cdev.cxf.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/ra4f44016926dcb034b3b230280a18102062f94ae55b8a31bb92fed84@%3Cissues.lucene.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/ra8906723927aef2a599398c238eacfc845b74d812e0093ec2fc70a7d@%3Cissues.flink.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rb3da574c34bc6bd37972d2266af3093b90d7e437460423c24f477919@%3Cissues.lucene.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rc78f6e84f82cc662860e96526d8ab969f34dbe12dc560e22d9d147a3@%3Cdev.cxf.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rc8467f357b943ceaa86f289f8bc1a5d1c7955b75d3bac1426f2d4ac1@%3Ccommon-dev.hadoop.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rd0c8ec6e044aa2958dd0549ebf8ecead7f5968c9474ba73a504161b2@%3Cdev.cxf.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rdc56c15693c236e31e1e95f847b8e5e74fc0a05741d47488e7fc8c45@%3Cissues.flink.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20220629-0008"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2424"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2425"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2428"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2598"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2643"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2740"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2741"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2742"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2743"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2927"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:2858"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:3149"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/google/guava"
    },
    {
      "type": "WEB",
      "url": "https://github.com/google/guava/wiki/CVE-2018-10237"
    },
    {
      "type": "WEB",
      "url": "https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/19fa48533bc7ea1accf6b12746a74ed888ae6e49a5cf81ae4f807495@%3Ccommon-dev.hadoop.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/33c6bccfeb7adf644d4d79894ca8f09370be6ed4b20632c2e228d085@%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/3d5dbdd92ac9ceaef90e40f78599f9109f2f345252e0ac9d98e7e084@%3Cgitbox.activemq.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/3ddd79c801edd99c0978e83dbe2168ebd36fd42acfa5dac38fb03dd6@%3Cissues.activemq.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/cc48fe770c45a74dc3b37ed0817393e0c96701fc49bc431ed922f3cc@%3Chdfs-dev.hadoop.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb@%3Cdev.flink.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb@%3Cuser.flink.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1041707"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Denial of Service in Google Guava"
}

GSD-2018-10237

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-10237

Aliases

CVE-2018-10237

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-10237",
    "description": "Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.",
    "id": "GSD-2018-10237",
    "references": [
      "https://www.suse.com/security/cve/CVE-2018-10237.html",
      "https://access.redhat.com/errata/RHSA-2020:2562",
      "https://access.redhat.com/errata/RHSA-2019:3149",
      "https://access.redhat.com/errata/RHSA-2019:2858",
      "https://access.redhat.com/errata/RHSA-2018:2927",
      "https://access.redhat.com/errata/RHSA-2018:2743",
      "https://access.redhat.com/errata/RHSA-2018:2742",
      "https://access.redhat.com/errata/RHSA-2018:2741",
      "https://access.redhat.com/errata/RHSA-2018:2740",
      "https://access.redhat.com/errata/RHSA-2018:2643",
      "https://access.redhat.com/errata/RHSA-2018:2598",
      "https://access.redhat.com/errata/RHSA-2018:2428",
      "https://access.redhat.com/errata/RHSA-2018:2425",
      "https://access.redhat.com/errata/RHSA-2018:2424",
      "https://access.redhat.com/errata/RHSA-2018:2423"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-10237"
      ],
      "details": "Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.",
      "id": "GSD-2018-10237",
      "modified": "2023-12-13T01:22:41.749704Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2018-10237",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "RHSA-2018:2428",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:2428"
          },
          {
            "name": "RHSA-2018:2740",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:2740"
          },
          {
            "name": "RHSA-2018:2741",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:2741"
          },
          {
            "name": "RHSA-2018:2742",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:2742"
          },
          {
            "name": "RHSA-2018:2598",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:2598"
          },
          {
            "name": "RHSA-2018:2643",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:2643"
          },
          {
            "name": "RHSA-2018:2424",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:2424"
          },
          {
            "name": "RHSA-2018:2423",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:2423"
          },
          {
            "name": "RHSA-2018:2425",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:2425"
          },
          {
            "name": "RHSA-2018:2927",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:2927"
          },
          {
            "name": "1041707",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1041707"
          },
          {
            "name": "RHSA-2018:2743",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:2743"
          },
          {
            "name": "[hadoop-hdfs-dev] 20190401 Update guava to 27.0-jre in hadoop-project",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/cc48fe770c45a74dc3b37ed0817393e0c96701fc49bc431ed922f3cc@%3Chdfs-dev.hadoop.apache.org%3E"
          },
          {
            "name": "[hadoop-common-dev] 20190401 Update guava to 27.0-jre in hadoop-project",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/19fa48533bc7ea1accf6b12746a74ed888ae6e49a5cf81ae4f807495@%3Ccommon-dev.hadoop.apache.org%3E"
          },
          {
            "name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E"
          },
          {
            "name": "[activemq-issues] 20190516 [jira] [Created] (AMQ-7208) Security Issue related to Guava 18.0",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/3ddd79c801edd99c0978e83dbe2168ebd36fd42acfa5dac38fb03dd6@%3Cissues.activemq.apache.org%3E"
          },
          {
            "name": "[activemq-gitbox] 20190530 [GitHub] [activemq-artemis] brusdev opened a new pull request #2687: ARTEMIS-2359 Upgrade to Guava 24.1",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/3d5dbdd92ac9ceaef90e40f78599f9109f2f345252e0ac9d98e7e084@%3Cgitbox.activemq.apache.org%3E"
          },
          {
            "name": "[cassandra-commits] 20190612 [jira] [Assigned] (CASSANDRA-14760) CVE-2018-10237 Security vulnerability in 3.11.3",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/33c6bccfeb7adf644d4d79894ca8f09370be6ed4b20632c2e228d085@%3Ccommits.cassandra.apache.org%3E"
          },
          {
            "name": "[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E"
          },
          {
            "name": "RHSA-2019:2858",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2019:2858"
          },
          {
            "name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E"
          },
          {
            "name": "RHSA-2019:3149",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2019:3149"
          },
          {
            "name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
          },
          {
            "name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
          },
          {
            "name": "[cxf-dev] 20200206 [GitHub] [cxf] davidkarlsen opened a new pull request #638: upgrade guava, CVE-2018-10237",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r27eb79a87a760335226dbfa6a7b7bffea539a535f8e80c41e482106d@%3Cdev.cxf.apache.org%3E"
          },
          {
            "name": "[cxf-dev] 20200206 [GitHub] [cxf] reta commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r95799427b335807a4c54776908125c3e66597b65845ae50096d9278a@%3Cdev.cxf.apache.org%3E"
          },
          {
            "name": "[cxf-dev] 20200211 [GitHub] [cxf] coheigea commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rc78f6e84f82cc662860e96526d8ab969f34dbe12dc560e22d9d147a3@%3Cdev.cxf.apache.org%3E"
          },
          {
            "name": "[kafka-users] 20200413 CVEs for the dependency software guava and rocksdbjni of Kafka",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E"
          },
          {
            "name": "[cxf-dev] 20200420 [GitHub] [cxf] coheigea commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rd0c8ec6e044aa2958dd0549ebf8ecead7f5968c9474ba73a504161b2@%3Cdev.cxf.apache.org%3E"
          },
          {
            "name": "[cxf-dev] 20200420 [GitHub] [cxf] reta commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r38e2ab87528d3c904e7fac496e8fd766b9277656ff95b97d6b6b6dcd@%3Cdev.cxf.apache.org%3E"
          },
          {
            "name": "[cxf-dev] 20200420 [GitHub] [cxf] andrei-ivanov commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r2ea4e5e5aa8ad73b001a466c582899620961f47d77a40af712c1fdf9@%3Cdev.cxf.apache.org%3E"
          },
          {
            "name": "[syncope-dev] 20200423 Re: Time to cut 2.1.6 / 2.0.15?",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r43491b25b2e5c368c34b106a82eff910a5cea3e90de82ad75cc16540@%3Cdev.syncope.apache.org%3E"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
          },
          {
            "name": "[hadoop-common-dev] 20200623 Update guava to 27.0-jre in hadoop branch-2.10",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rc8467f357b943ceaa86f289f8bc1a5d1c7955b75d3bac1426f2d4ac1@%3Ccommon-dev.hadoop.apache.org%3E"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpujul2020.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
          },
          {
            "name": "https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion",
            "refsource": "CONFIRM",
            "url": "https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion"
          },
          {
            "name": "[flink-dev] 20200806 Dependency vulnerabilities with Apache Flink 1.10.1 version",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb@%3Cdev.flink.apache.org%3E"
          },
          {
            "name": "[flink-user] 20200806 Dependency vulnerabilities with Apache Flink 1.10.1 version",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb@%3Cuser.flink.apache.org%3E"
          },
          {
            "name": "[flink-dev] 20200806 [jira] [Created] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r50fc0bcc734dd82e691d36d209258683141bfc0083739a77e56ad92d@%3Cdev.flink.apache.org%3E"
          },
          {
            "name": "[flink-issues] 20200806 [jira] [Created] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rdc56c15693c236e31e1e95f847b8e5e74fc0a05741d47488e7fc8c45@%3Cissues.flink.apache.org%3E"
          },
          {
            "name": "[flink-issues] 20200814 [jira] [Commented] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/ra8906723927aef2a599398c238eacfc845b74d812e0093ec2fc70a7d@%3Cissues.flink.apache.org%3E"
          },
          {
            "name": "[lucene-issues] 20201022 [jira] [Created] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/ra4f44016926dcb034b3b230280a18102062f94ae55b8a31bb92fed84@%3Cissues.lucene.apache.org%3E"
          },
          {
            "name": "[lucene-issues] 20201022 [jira] [Updated] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rb3da574c34bc6bd37972d2266af3093b90d7e437460423c24f477919@%3Cissues.lucene.apache.org%3E"
          },
          {
            "name": "[lucene-issues] 20201022 [jira] [Resolved] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r223bc776a077d0795786c38cbc6e7dd808fce1a9161b00ba9c0a5d55@%3Cissues.lucene.apache.org%3E"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpujan2021.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
          },
          {
            "name": "[maven-issues] 20210122 [GitHub] [maven-indexer] akurtakov opened a new pull request #75: Remove guava dependency from indexer-core",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E"
          },
          {
            "name": "[flink-issues] 20210212 [jira] [Closed] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r22c8173b804cd4a420c43064ba4e363d0022aa421008b1989f7354d4@%3Cissues.flink.apache.org%3E"
          },
          {
            "name": "[samza-commits] 20210310 [GitHub] [samza] Telesia opened a new pull request #1471: SAMZA-2630: Upgrade dependencies for security fixes",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21@%3Ccommits.samza.apache.org%3E"
          },
          {
            "name": "[storm-issues] 20210315 [jira] [Created] (STORM-3754) Upgrade Guava version because of security vulnerability",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r30e7d7b6bfa630dacc41649a0e96dad75165d50474c1241068aa0f94@%3Cissues.storm.apache.org%3E"
          },
          {
            "name": "[pulsar-commits] 20210406 [GitHub] [pulsar] lhotari opened a new pull request #10149: Upgrade jclouds to 2.3.0 to fix security vulnerabilities",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E"
          },
          {
            "name": "[arrow-github] 20210610 [GitHub] [arrow] projjal opened a new pull request #10501: ARROW-13032: Update guava version",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20220629-0008/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20220629-0008/"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "[11.0-rc1,24.1.1)",
          "affected_versions": "All versions starting from 11.0-rc1 before 24.1.1",
          "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "cvss_v3": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-770",
            "CWE-937"
          ],
          "date": "2019-06-12",
          "description": "Unbounded memory allocation allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the `AtomicDoubleArray` class (when serialized with Java serialization) and the `CompoundOrdering` class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.",
          "fixed_versions": [
            "24.1.1-jre",
            "24.1.1-android"
          ],
          "identifier": "CVE-2018-10237",
          "identifiers": [
            "CVE-2018-10237"
          ],
          "package_slug": "maven/com.google.guava/guava",
          "pubdate": "2018-04-26",
          "solution": "Upgrade to the fixed version",
          "title": "Deserialization of Untrusted Data",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2018-10237",
            "https://groups.google.com/forum/#!topic/guava-announce/xqWALw4W1vs/discussion",
            "https://github.com/google/guava/wiki/CVE-2018-10237"
          ],
          "uuid": "57b723bd-ccbb-4034-b6c9-2581d30911e5"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:google:guava:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "24.1.1",
                "versionStartIncluding": "11.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:virtualization:4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:satellite:6.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:satellite_capsule:6.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:database_server:12.2.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_payments:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "14.4.0",
                "versionStartIncluding": "14.1.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_ip_service_activator:7.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:database_server:18c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:database_server:19c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:flexcube_investor_servicing:14.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:flexcube_investor_servicing:14.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_integration_bus:16.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-10237"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-770"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion"
            },
            {
              "name": "RHSA-2018:2428",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:2428"
            },
            {
              "name": "RHSA-2018:2425",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:2425"
            },
            {
              "name": "RHSA-2018:2424",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:2424"
            },
            {
              "name": "RHSA-2018:2423",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:2423"
            },
            {
              "name": "RHSA-2018:2598",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:2598"
            },
            {
              "name": "RHSA-2018:2643",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:2643"
            },
            {
              "name": "RHSA-2018:2743",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:2743"
            },
            {
              "name": "RHSA-2018:2742",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:2742"
            },
            {
              "name": "RHSA-2018:2741",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:2741"
            },
            {
              "name": "RHSA-2018:2740",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:2740"
            },
            {
              "name": "1041707",
              "refsource": "SECTRACK",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.securitytracker.com/id/1041707"
            },
            {
              "name": "RHSA-2018:2927",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:2927"
            },
            {
              "name": "[hadoop-hdfs-dev] 20190401 Update guava to 27.0-jre in hadoop-project",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/cc48fe770c45a74dc3b37ed0817393e0c96701fc49bc431ed922f3cc@%3Chdfs-dev.hadoop.apache.org%3E"
            },
            {
              "name": "[hadoop-common-dev] 20190401 Update guava to 27.0-jre in hadoop-project",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/19fa48533bc7ea1accf6b12746a74ed888ae6e49a5cf81ae4f807495@%3Ccommon-dev.hadoop.apache.org%3E"
            },
            {
              "name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E"
            },
            {
              "name": "[activemq-issues] 20190516 [jira] [Created] (AMQ-7208) Security Issue related to Guava 18.0",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/3ddd79c801edd99c0978e83dbe2168ebd36fd42acfa5dac38fb03dd6@%3Cissues.activemq.apache.org%3E"
            },
            {
              "name": "[activemq-gitbox] 20190530 [GitHub] [activemq-artemis] brusdev opened a new pull request #2687: ARTEMIS-2359 Upgrade to Guava 24.1",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/3d5dbdd92ac9ceaef90e40f78599f9109f2f345252e0ac9d98e7e084@%3Cgitbox.activemq.apache.org%3E"
            },
            {
              "name": "[cassandra-commits] 20190612 [jira] [Assigned] (CASSANDRA-14760) CVE-2018-10237 Security vulnerability in 3.11.3",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/33c6bccfeb7adf644d4d79894ca8f09370be6ed4b20632c2e228d085@%3Ccommits.cassandra.apache.org%3E"
            },
            {
              "name": "[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E"
            },
            {
              "name": "RHSA-2019:2858",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:2858"
            },
            {
              "name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E"
            },
            {
              "name": "RHSA-2019:3149",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:3149"
            },
            {
              "name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
            },
            {
              "name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
            },
            {
              "name": "[cxf-dev] 20200206 [GitHub] [cxf] davidkarlsen opened a new pull request #638: upgrade guava, CVE-2018-10237",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r27eb79a87a760335226dbfa6a7b7bffea539a535f8e80c41e482106d@%3Cdev.cxf.apache.org%3E"
            },
            {
              "name": "[cxf-dev] 20200206 [GitHub] [cxf] reta commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r95799427b335807a4c54776908125c3e66597b65845ae50096d9278a@%3Cdev.cxf.apache.org%3E"
            },
            {
              "name": "[cxf-dev] 20200211 [GitHub] [cxf] coheigea commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/rc78f6e84f82cc662860e96526d8ab969f34dbe12dc560e22d9d147a3@%3Cdev.cxf.apache.org%3E"
            },
            {
              "name": "[kafka-users] 20200413 CVEs for the dependency software guava and rocksdbjni of Kafka",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E"
            },
            {
              "name": "N/A",
              "refsource": "N/A",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
            },
            {
              "name": "[cxf-dev] 20200420 [GitHub] [cxf] coheigea commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/rd0c8ec6e044aa2958dd0549ebf8ecead7f5968c9474ba73a504161b2@%3Cdev.cxf.apache.org%3E"
            },
            {
              "name": "[cxf-dev] 20200420 [GitHub] [cxf] reta commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r38e2ab87528d3c904e7fac496e8fd766b9277656ff95b97d6b6b6dcd@%3Cdev.cxf.apache.org%3E"
            },
            {
              "name": "[cxf-dev] 20200420 [GitHub] [cxf] andrei-ivanov commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r2ea4e5e5aa8ad73b001a466c582899620961f47d77a40af712c1fdf9@%3Cdev.cxf.apache.org%3E"
            },
            {
              "name": "[syncope-dev] 20200423 Re: Time to cut 2.1.6 / 2.0.15?",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r43491b25b2e5c368c34b106a82eff910a5cea3e90de82ad75cc16540@%3Cdev.syncope.apache.org%3E"
            },
            {
              "name": "[hadoop-common-dev] 20200623 Update guava to 27.0-jre in hadoop branch-2.10",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/rc8467f357b943ceaa86f289f8bc1a5d1c7955b75d3bac1426f2d4ac1@%3Ccommon-dev.hadoop.apache.org%3E"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujul2020.html",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
            },
            {
              "name": "[flink-user] 20200806 Dependency vulnerabilities with Apache Flink 1.10.1 version",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb@%3Cuser.flink.apache.org%3E"
            },
            {
              "name": "[flink-dev] 20200806 Dependency vulnerabilities with Apache Flink 1.10.1 version",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb@%3Cdev.flink.apache.org%3E"
            },
            {
              "name": "[flink-issues] 20200806 [jira] [Created] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/rdc56c15693c236e31e1e95f847b8e5e74fc0a05741d47488e7fc8c45@%3Cissues.flink.apache.org%3E"
            },
            {
              "name": "[flink-dev] 20200806 [jira] [Created] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r50fc0bcc734dd82e691d36d209258683141bfc0083739a77e56ad92d@%3Cdev.flink.apache.org%3E"
            },
            {
              "name": "[flink-issues] 20200814 [jira] [Commented] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/ra8906723927aef2a599398c238eacfc845b74d812e0093ec2fc70a7d@%3Cissues.flink.apache.org%3E"
            },
            {
              "name": "[lucene-issues] 20201022 [jira] [Created] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/ra4f44016926dcb034b3b230280a18102062f94ae55b8a31bb92fed84@%3Cissues.lucene.apache.org%3E"
            },
            {
              "name": "[lucene-issues] 20201022 [jira] [Updated] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/rb3da574c34bc6bd37972d2266af3093b90d7e437460423c24f477919@%3Cissues.lucene.apache.org%3E"
            },
            {
              "name": "[lucene-issues] 20201022 [jira] [Resolved] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r223bc776a077d0795786c38cbc6e7dd808fce1a9161b00ba9c0a5d55@%3Cissues.lucene.apache.org%3E"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2021.html",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
            },
            {
              "name": "[maven-issues] 20210122 [GitHub] [maven-indexer] akurtakov opened a new pull request #75: Remove guava dependency from indexer-core",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E"
            },
            {
              "name": "[flink-issues] 20210212 [jira] [Closed] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r22c8173b804cd4a420c43064ba4e363d0022aa421008b1989f7354d4@%3Cissues.flink.apache.org%3E"
            },
            {
              "name": "[samza-commits] 20210310 [GitHub] [samza] Telesia opened a new pull request #1471: SAMZA-2630: Upgrade dependencies for security fixes",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21@%3Ccommits.samza.apache.org%3E"
            },
            {
              "name": "[storm-issues] 20210315 [jira] [Created] (STORM-3754) Upgrade Guava version because of security vulnerability",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r30e7d7b6bfa630dacc41649a0e96dad75165d50474c1241068aa0f94@%3Cissues.storm.apache.org%3E"
            },
            {
              "name": "[pulsar-commits] 20210406 [GitHub] [pulsar] lhotari opened a new pull request #10149: Upgrade jclouds to 2.3.0 to fix security vulnerabilities",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E"
            },
            {
              "name": "[arrow-github] 20210610 [GitHub] [arrow] projjal opened a new pull request #10501: ARROW-13032: Update guava version",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20220629-0008/",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://security.netapp.com/advisory/ntap-20220629-0008/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.2,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2022-06-29T19:15Z",
      "publishedDate": "2018-04-26T21:29Z"
    }
  }
}

RHSA-2018:2423

Vulnerability from csaf_redhat - Published: 2018-08-15 11:31 - Updated: 2026-05-14 22:24

Summary

Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.4 on RHEL 6 security update

Severity

Important

Notes

Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.1.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix(es): * guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service (CVE-2018-10237) * bouncycastle: flaw in the low-level interface to RSA key pair generator (CVE-2018-1000180) * cxf: Improper size validation in message attachment header for JAX-WS and JAX-RS services (CVE-2017-12624) * wildfly: wildfly-core: Path traversal can allow the extraction of .war archives to write arbitrary files (CVE-2018-10862) * cxf-core: apache-cxf: TLS hostname verification does not work correctly with com.sun.net.ssl.* (CVE-2018-8039) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2017-12624

Apache CXF supports sending and receiving attachments via either the JAX-WS or JAX-RS specifications. It is possible to craft a message attachment header that could lead to a Denial of Service (DoS) attack on a CXF web service provider. Both JAX-WS and JAX-RS services are vulnerable to this attack. From Apache CXF 3.2.1 and 3.1.14, message attachment headers that are greater than 300 characters will be rejected by default. This value is configurable via the property "attachment-max-header-size".

5.3 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-20 - Improper Input Validation

Affected products

Fixed 131 products

Product	Version	Remediation
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-8039

It was discovered that when Apache CXF is configured to use the system property com.sun.net.ssl.internal.www.protocol ,it uses reflection to make the HostnameVerifier work with old com.sun.net.ssl.HostnameVerifier interface. Although the CXF implementation throws an exception, which is caught in the reflection code but it is not properly propagated, this can lead to a man-in-the-middle attack.

6.5 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-248 - Uncaught Exception

Affected products

Fixed 131 products

Product	Version	Remediation
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-10237

A vulnerability was found in Guava where the AtomicDoubleArray and CompoundOrdering classes were found to allocate memory based on size fields sent by the client without validation. A crafted message could cause the server to consume all available memory or crash leading to a denial of service.

5.9 (Medium)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Affected products

Fixed 131 products

Product	Version	Remediation
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-10862

It was found that the explode function of the deployment utility in jboss-cli and console that allows extraction of files from an archive does not perform necessary validation for directory traversal. This can lead to remote code execution.

7.6 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Fixed 131 products

Product	Version	Remediation
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-1000180

A vulnerability was found in BouncyCastle. The number of iterations of the Miller-Rabin primality test was incorrectly calculated (according to FIPS 186-4 C.3). Under some circumstances, this could lead to the generation of weak RSA key pairs.

4.8 (Medium)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-325 - Missing Cryptographic Step

Affected products

Fixed 131 products

Product	Version	Remediation
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src	—	Vendor Fix fix

Threats

Impact Moderate

References

35 references

URL	Category
https://access.redhat.com/errata/RHSA-2018:2423	self
https://access.redhat.com/security/updates/classi…	external
https://access.redhat.com/documentation/en-us/red…	external
https://access.redhat.com/documentation/en-us/red…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1515976	external
https://bugzilla.redhat.com/show_bug.cgi?id=1573391	external
https://bugzilla.redhat.com/show_bug.cgi?id=1588306	external
https://bugzilla.redhat.com/show_bug.cgi?id=1593527	external
https://bugzilla.redhat.com/show_bug.cgi?id=1595332	external
https://issues.redhat.com/browse/JBEAP-14787	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2017-12624	self
https://bugzilla.redhat.com/show_bug.cgi?id=1515976	external
https://www.cve.org/CVERecord?id=CVE-2017-12624	external
https://nvd.nist.gov/vuln/detail/CVE-2017-12624	external
https://access.redhat.com/security/cve/CVE-2018-8039	self
https://bugzilla.redhat.com/show_bug.cgi?id=1595332	external
https://www.cve.org/CVERecord?id=CVE-2018-8039	external
https://nvd.nist.gov/vuln/detail/CVE-2018-8039	external
http://cxf.apache.org/security-advisories.data/CV…	external
https://access.redhat.com/security/cve/CVE-2018-10237	self
https://bugzilla.redhat.com/show_bug.cgi?id=1573391	external
https://www.cve.org/CVERecord?id=CVE-2018-10237	external
https://nvd.nist.gov/vuln/detail/CVE-2018-10237	external
https://github.com/google/guava/wiki/CVE-2018-10237	external
https://groups.google.com/forum/#!topic/guava-ann…	external
https://access.redhat.com/security/cve/CVE-2018-10862	self
https://bugzilla.redhat.com/show_bug.cgi?id=1593527	external
https://www.cve.org/CVERecord?id=CVE-2018-10862	external
https://nvd.nist.gov/vuln/detail/CVE-2018-10862	external
https://snyk.io/research/zip-slip-vulnerability	external
https://access.redhat.com/security/cve/CVE-2018-1000180	self
https://bugzilla.redhat.com/show_bug.cgi?id=1588306	external
https://www.cve.org/CVERecord?id=CVE-2018-1000180	external
https://nvd.nist.gov/vuln/detail/CVE-2018-1000180	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.1.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service (CVE-2018-10237)\n\n* bouncycastle: flaw in the low-level interface to RSA key pair generator (CVE-2018-1000180)\n\n* cxf: Improper size validation in message attachment header for JAX-WS and JAX-RS services (CVE-2017-12624)\n\n* wildfly: wildfly-core: Path traversal can allow the extraction of .war archives to write arbitrary files (CVE-2018-10862)\n\n* cxf-core: apache-cxf: TLS hostname verification does not work correctly with com.sun.net.ssl.* (CVE-2018-8039)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in the\nReferences section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2018:2423",
        "url": "https://access.redhat.com/errata/RHSA-2018:2423"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=7.1",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=7.1"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.1/html-single/installation_guide/",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.1/html-single/installation_guide/"
      },
      {
        "category": "external",
        "summary": "1515976",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515976"
      },
      {
        "category": "external",
        "summary": "1573391",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573391"
      },
      {
        "category": "external",
        "summary": "1588306",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588306"
      },
      {
        "category": "external",
        "summary": "1593527",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593527"
      },
      {
        "category": "external",
        "summary": "1595332",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595332"
      },
      {
        "category": "external",
        "summary": "JBEAP-14787",
        "url": "https://issues.redhat.com/browse/JBEAP-14787"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2423.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.4 on RHEL 6 security update",
    "tracking": {
      "current_release_date": "2026-05-14T22:24:07+00:00",
      "generator": {
        "date": "2026-05-14T22:24:07+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.0"
        }
      },
      "id": "RHSA-2018:2423",
      "initial_release_date": "2018-08-15T11:31:11+00:00",
      "revision_history": [
        {
          "date": "2018-08-15T11:31:11+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2018-08-15T11:31:11+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-05-14T22:24:07+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
                  "product_id": "6Server-JBEAP-7.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src",
                "product": {
                  "name": "eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src",
                  "product_id": "eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.8-1.Final_redhat_1.1.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src",
                "product": {
                  "name": "eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src",
                  "product_id": "eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-undertow@1.4.18-7.SP8_redhat_1.1.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src",
                "product": {
                  "name": "eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src",
                  "product_id": "eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.10-1.Final_redhat_1.1.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src",
                "product": {
                  "name": "eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src",
                  "product_id": "eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-mod_cluster@1.3.10-1.Final_redhat_1.1.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
                "product": {
                  "name": "eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
                  "product_id": "eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-13.SP12_redhat_1.1.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
                "product": {
                  "name": "eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
                  "product_id": "eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-13.SP12_redhat_1.1.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src",
                "product": {
                  "name": "eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src",
                  "product_id": "eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-web-console-eap@2.9.18-1.Final_redhat_1.1.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src",
                "product": {
                  "name": "eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src",
                  "product_id": "eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-narayana@5.5.32-1.Final_redhat_1.1.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src",
                "product": {
                  "name": "eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src",
                  "product_id": "eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.9-1.Final_redhat_1.1.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src",
                "product": {
                  "name": "eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src",
                  "product_id": "eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-guava-libraries@25.0.0-1.redhat_1.1.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src",
                "product": {
                  "name": "eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src",
                  "product_id": "eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy@3.0.26-1.Final_redhat_1.1.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src",
                "product": {
                  "name": "eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src",
                  "product_id": "eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-hibernate@5.1.15-1.Final_redhat_1.1.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src",
                "product": {
                  "name": "eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src",
                  "product_id": "eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.11-1.Final_redhat_1.1.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src",
                "product": {
                  "name": "eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src",
                  "product_id": "eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.0.4-1.Final_redhat_1.1.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src",
                "product": {
                  "name": "eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src",
                  "product_id": "eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-bouncycastle@1.56.0-5.redhat_3.1.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src",
                "product": {
                  "name": "eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src",
                  "product_id": "eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis@1.5.5.013-1.redhat_1.1.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src",
                "product": {
                  "name": "eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src",
                  "product_id": "eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.0.6-4.Final_redhat_4.1.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src",
                "product": {
                  "name": "eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src",
                  "product_id": "eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly@7.1.4-1.GA_redhat_1.1.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src",
                "product": {
                  "name": "eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src",
                  "product_id": "eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.1.4-2.GA_redhat_1.1.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src",
                "product": {
                  "name": "eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src",
                  "product_id": "eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-openssl-linux@1.0.6-14.Final_redhat_1.1.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src",
                "product": {
                  "name": "eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src",
                  "product_id": "eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jberet@1.2.6-2.Final_redhat_1.1.ep7.el6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.8-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-undertow@1.4.18-7.SP8_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.4.10-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.10-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.4.10-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.4.10-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.4.10-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.4.10-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.4.10-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.4.10-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.4.10-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-mod_cluster@1.3.10-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-picketlink-idm-impl@2.5.5-13.SP12_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-picketlink-idm-api@2.5.5-13.SP12_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-picketlink-common@2.5.5-13.SP12_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-picketlink-config@2.5.5-13.SP12_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-picketlink-impl@2.5.5-13.SP12_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-13.SP12_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-picketlink-idm-simple-schema@2.5.5-13.SP12_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-picketlink-api@2.5.5-13.SP12_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-13.SP12_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-13.SP12_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-web-console-eap@2.9.18-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.5.32-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.5.32-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.5.32-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.5.32-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.5.32-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-narayana@5.5.32-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.5.32-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.5.32-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.5.32-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.5.32-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.5.32-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.9-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-guava@25.0.0-1.redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-guava-libraries@25.0.0-1.redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.0.26-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.0.26-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.0.26-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-client@3.0.26-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.0.26-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.0.26-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.0.26-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.0.26-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.0.26-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.0.26-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.0.26-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.0.26-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.0.26-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.0.26-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy@3.0.26-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.0.26-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.0.26-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-hibernate-core@5.1.15-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-hibernate@5.1.15-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.1.15-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.1.15-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-hibernate-infinispan@5.1.15-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.1.15-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.11-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.0.4-1.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
                  "product_id": "eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.56.0-5.redhat_3.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
                  "product_id": "eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-bouncycastle-mail@1.56.0-5.redhat_3.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
                  "product_id": "eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-bouncycastle@1.56.0-5.redhat_3.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
                  "product_id": "eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-bouncycastle-prov@1.56.0-5.redhat_3.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@1.5.5.013-1.redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@1.5.5.013-1.redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@1.5.5.013-1.redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-native@1.5.5.013-1.redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@1.5.5.013-1.redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@1.5.5.013-1.redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@1.5.5.013-1.redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@1.5.5.013-1.redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@1.5.5.013-1.redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis@1.5.5.013-1.redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@1.5.5.013-1.redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@1.5.5.013-1.redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@1.5.5.013-1.redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@1.5.5.013-1.redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@1.5.5.013-1.redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@1.5.5.013-1.redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_id": "eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0-to-eap7.1@1.0.6-4.Final_redhat_4.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_id": "eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.0.6-4.Final_redhat_4.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_id": "eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.0.6-4.Final_redhat_4.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.1@1.0.6-4.Final_redhat_4.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_id": "eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0-to-eap7.1@1.0.6-4.Final_redhat_4.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_id": "eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.0.6-4.Final_redhat_4.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_id": "eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0-to-eap7.0@1.0.6-4.Final_redhat_4.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_id": "eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.0.6-4.Final_redhat_4.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.0@1.0.6-4.Final_redhat_4.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.0.6-4.Final_redhat_4.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_id": "eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2-to-eap7.1@1.0.6-4.Final_redhat_4.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_id": "eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1-to-eap7.1@1.0.6-4.Final_redhat_4.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_id": "eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2-to-eap7.0@1.0.6-4.Final_redhat_4.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_id": "eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.0.6-4.Final_redhat_4.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_id": "eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.0.6-4.Final_redhat_4.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_id": "eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0-to-eap7.1@1.0.6-4.Final_redhat_4.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.0.6-4.Final_redhat_4.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.0.6-4.Final_redhat_4.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.0.6-4.Final_redhat_4.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.1.4-1.GA_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly@7.1.4-1.GA_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.1.4-2.GA_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jberet@1.2.6-2.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
                "product": {
                  "name": "eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
                  "product_id": "eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-jberet-core@1.2.6-2.Final_redhat_1.1.ep7.el6?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
                "product": {
                  "name": "eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
                  "product_id": "eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-openssl-linux-debuginfo@1.0.6-14.Final_redhat_1.1.ep7.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
                "product": {
                  "name": "eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
                  "product_id": "eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-openssl-linux@1.0.6-14.Final_redhat_1.1.ep7.el6?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
                "product": {
                  "name": "eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
                  "product_id": "eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-openssl-linux-debuginfo@1.0.6-14.Final_redhat_1.1.ep7.el6?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
                "product": {
                  "name": "eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
                  "product_id": "eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/eap7-wildfly-openssl-linux@1.0.6-14.Final_redhat_1.1.ep7.el6?arch=i686"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src"
        },
        "product_reference": "eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src"
        },
        "product_reference": "eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src"
        },
        "product_reference": "eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src"
        },
        "product_reference": "eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src"
        },
        "product_reference": "eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src"
        },
        "product_reference": "eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src"
        },
        "product_reference": "eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src"
        },
        "product_reference": "eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src"
        },
        "product_reference": "eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src"
        },
        "product_reference": "eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src"
        },
        "product_reference": "eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src"
        },
        "product_reference": "eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src"
        },
        "product_reference": "eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src"
        },
        "product_reference": "eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src"
        },
        "product_reference": "eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src"
        },
        "product_reference": "eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src"
        },
        "product_reference": "eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src"
        },
        "product_reference": "eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686 as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686"
        },
        "product_reference": "eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src"
        },
        "product_reference": "eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64"
        },
        "product_reference": "eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686 as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686"
        },
        "product_reference": "eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64"
        },
        "product_reference": "eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src"
        },
        "product_reference": "eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch"
        },
        "product_reference": "eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src"
        },
        "product_reference": "eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-7.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-12624",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-11-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1515976"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Apache CXF supports sending and receiving attachments via either the JAX-WS or JAX-RS specifications. It is possible to craft a message attachment header that could lead to a Denial of Service (DoS) attack on a CXF web service provider. Both JAX-WS and JAX-RS services are vulnerable to this attack. From Apache CXF 3.2.1 and 3.1.14, message attachment headers that are greater than 300 characters will be rejected by default. This value is configurable via the property \"attachment-max-header-size\".",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cxf: Improper size validation in message attachment header for JAX-WS and JAX-RS services",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
          "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-12624"
        },
        {
          "category": "external",
          "summary": "RHBZ#1515976",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515976"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12624",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-12624"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12624",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12624"
        }
      ],
      "release_date": "2017-11-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-08-15T11:31:11+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
            "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:2423"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
            "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "cxf: Improper size validation in message attachment header for JAX-WS and JAX-RS services"
    },
    {
      "cve": "CVE-2018-8039",
      "cwe": {
        "id": "CWE-248",
        "name": "Uncaught Exception"
      },
      "discovery_date": "2018-06-26T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1595332"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was discovered that when Apache CXF is configured to use the system property com.sun.net.ssl.internal.www.protocol ,it uses reflection to make the HostnameVerifier work with old com.sun.net.ssl.HostnameVerifier interface. Although the CXF implementation throws an exception, which is caught in the reflection code but it is not properly propagated, this can lead to a man-in-the-middle attack.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "apache-cxf: TLS hostname verification does not work correctly with com.sun.net.ssl.*",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In OpenShift Logging the openshift-logging/elasticsearch6-rhel8 container bundles the vulnerable version of apache-cxf, but the vulnerable class is not shipped, hence this component is not affected by this vulnerability.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
          "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-8039"
        },
        {
          "category": "external",
          "summary": "RHBZ#1595332",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595332"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-8039",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-8039"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8039",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8039"
        },
        {
          "category": "external",
          "summary": "http://cxf.apache.org/security-advisories.data/CVE-2018-8039.txt.asc?version=1\u0026modificationDate=1530184663000\u0026api=v2",
          "url": "http://cxf.apache.org/security-advisories.data/CVE-2018-8039.txt.asc?version=1\u0026modificationDate=1530184663000\u0026api=v2"
        }
      ],
      "release_date": "2018-06-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-08-15T11:31:11+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
            "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:2423"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
            "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "apache-cxf: TLS hostname verification does not work correctly with com.sun.net.ssl.*"
    },
    {
      "cve": "CVE-2018-10237",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "discovery_date": "2018-05-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1573391"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in Guava where the AtomicDoubleArray and CompoundOrdering classes were found to allocate memory based on size fields sent by the client without validation. A crafted message could cause the server to consume all available memory or crash leading to a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Openshift Application Runtimes: Eclipse Vert.x is not exploitable by this flaw, though the vulnerable code is a transient dependency to the product. This issue may be addressed in a future release.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
          "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-10237"
        },
        {
          "category": "external",
          "summary": "RHBZ#1573391",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573391"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-10237",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-10237"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10237",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10237"
        },
        {
          "category": "external",
          "summary": "https://github.com/google/guava/wiki/CVE-2018-10237",
          "url": "https://github.com/google/guava/wiki/CVE-2018-10237"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/forum/#!topic/guava-announce/xqWALw4W1vs/discussion",
          "url": "https://groups.google.com/forum/#!topic/guava-announce/xqWALw4W1vs/discussion"
        }
      ],
      "release_date": "2018-04-25T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-08-15T11:31:11+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
            "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:2423"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
            "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service"
    },
    {
      "cve": "CVE-2018-10862",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2018-06-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1593527"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that the explode function of the deployment utility in jboss-cli and console that allows extraction of files from an archive does not perform necessary validation for directory traversal. This can lead to remote code execution.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "wildfly-core: Path traversal can allow the extraction of .war archives to write arbitrary files (Zip Slip)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability can only be exploited by users with deployment permissions.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
          "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-10862"
        },
        {
          "category": "external",
          "summary": "RHBZ#1593527",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593527"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-10862",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-10862"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10862",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10862"
        },
        {
          "category": "external",
          "summary": "https://snyk.io/research/zip-slip-vulnerability",
          "url": "https://snyk.io/research/zip-slip-vulnerability"
        }
      ],
      "release_date": "2018-06-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-08-15T11:31:11+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
            "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:2423"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
            "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "wildfly-core: Path traversal can allow the extraction of .war archives to write arbitrary files (Zip Slip)"
    },
    {
      "cve": "CVE-2018-1000180",
      "cwe": {
        "id": "CWE-325",
        "name": "Missing Cryptographic Step"
      },
      "discovery_date": "2018-06-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1588306"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in BouncyCastle. The number of iterations of the Miller-Rabin primality test was incorrectly calculated (according to FIPS 186-4 C.3). Under some circumstances, this could lead to the generation of weak RSA key pairs.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "bouncycastle: flaw in the low-level interface to RSA key pair generator",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of bouncycastle as shipped with Red Hat Subscription Asset Manager 1.x. Red Hat Product Security has rated this issue as having a security impact of Moderate. No update is planned for this product at this time. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.\n\nRed Hat Satellite 6.5 isn\u0027t vulnerable to this issue, since it doesn\u0027t ship bouncycastle jar file anymore.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
          "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
          "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src",
          "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch",
          "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-1000180"
        },
        {
          "category": "external",
          "summary": "RHBZ#1588306",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1588306"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000180",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000180"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000180",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000180"
        }
      ],
      "release_date": "2018-04-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-08-15T11:31:11+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
            "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:2423"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.013-1.redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.013-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-0:1.56.0-5.redhat_3.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-bouncycastle-mail-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-pkix-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-bouncycastle-prov-0:1.56.0-5.redhat_3.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-guava-libraries-0:25.0.0-1.redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.15-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.15-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.10-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jberet-0:1.2.6-2.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jberet-core-0:1.2.6-2.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-ejb-client-0:4.0.11-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-remoting-0:5.0.8-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.6-4.Final_redhat_4.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.6-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-mod_cluster-0:1.3.10-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-0:5.5.32-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.32-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-13.SP12_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.26-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.26-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-7.SP8_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.4-1.GA_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.4-2.GA_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.4-1.GA_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.i686",
            "6Server-JBEAP-7.1:eap7-wildfly-openssl-linux-debuginfo-0:1.0.6-14.Final_redhat_1.1.ep7.el6.x86_64",
            "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-transaction-client-0:1.0.4-1.Final_redhat_1.1.ep7.el6.src",
            "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.noarch",
            "6Server-JBEAP-7.1:eap7-wildfly-web-console-eap-0:2.9.18-1.Final_redhat_1.1.ep7.el6.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "bouncycastle: flaw in the low-level interface to RSA key pair generator"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-10237 (GCVE-0-2018-10237)

Solutions

Vulnerability from cleanstart

Vulnerability from cleanstart

Vulnerability from cleanstart

Vulnerability from cleanstart

Tags

Sightings

Nomenclature