Action not permitted
Modal body text goes here.
CVE-2019-10184
Vulnerability from cvelistv5
▼ | Vendor | Product |
---|---|---|
undertow-io | undertow |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:10:10.116Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2019:2937", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2937" }, { "name": "RHSA-2019:2935", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2935" }, { "name": "RHSA-2019:2936", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2936" }, { "name": "RHSA-2019:2938", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2938" }, { "name": "RHSA-2019:2998", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2998" }, { "name": "RHSA-2019:3044", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:3044" }, { "name": "RHSA-2019:3045", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:3045" }, { "name": "RHSA-2019:3050", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:3050" }, { "name": "RHSA-2019:3046", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:3046" }, { "name": "RHSA-2020:0727", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2020:0727" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10184" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/undertow-io/undertow/pull/794" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220210-0016/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "undertow", "vendor": "undertow-io", "versions": [ { "status": "affected", "version": "fixed in 2.0.23.Final" } ] } ], "descriptions": [ { "lang": "en", "value": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-862", "description": "CWE-862", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-02-10T09:06:40", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2019:2937", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2937" }, { "name": "RHSA-2019:2935", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2935" }, { "name": "RHSA-2019:2936", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2936" }, { "name": "RHSA-2019:2938", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2938" }, { "name": "RHSA-2019:2998", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2998" }, { "name": "RHSA-2019:3044", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:3044" }, { "name": "RHSA-2019:3045", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:3045" }, { "name": "RHSA-2019:3050", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:3050" }, { "name": "RHSA-2019:3046", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:3046" }, { "name": "RHSA-2020:0727", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2020:0727" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10184" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/undertow-io/undertow/pull/794" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20220210-0016/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2019-10184", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "undertow", "version": { "version_data": [ { "version_value": "fixed in 2.0.23.Final" } ] } } ] }, "vendor_name": "undertow-io" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api." } ] }, "impact": { "cvss": [ [ { "vectorString": "5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" } ] ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-862" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2019:2937", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2937" }, { "name": "RHSA-2019:2935", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2935" }, { "name": "RHSA-2019:2936", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2936" }, { "name": "RHSA-2019:2938", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2938" }, { "name": "RHSA-2019:2998", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2998" }, { "name": "RHSA-2019:3044", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3044" }, { "name": "RHSA-2019:3045", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3045" }, { "name": "RHSA-2019:3050", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3050" }, { "name": "RHSA-2019:3046", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3046" }, { "name": "RHSA-2020:0727", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2020:0727" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10184", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10184" }, { "name": "https://github.com/undertow-io/undertow/pull/794", "refsource": "CONFIRM", "url": "https://github.com/undertow-io/undertow/pull/794" }, { "name": "https://security.netapp.com/advisory/ntap-20220210-0016/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220210-0016/" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2019-10184", "datePublished": "2019-07-25T20:35:16", "dateReserved": "2019-03-27T00:00:00", "dateUpdated": "2024-08-04T22:10:10.116Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2019-10184\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2019-07-25T21:15:11.473\",\"lastModified\":\"2022-02-20T06:11:42.433\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.\"},{\"lang\":\"es\",\"value\":\"Undertow en versiones anteriores a la 2.0.23.Final es vulnerable a un problema de fuga de informaci\u00f3n. Las aplicaciones web pueden tener sus estructuras de directorio predecibles a trav\u00e9s de solicitudes sin barras finales mediante la API.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV30\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-862\"}]},{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-862\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:undertow:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.0.23\",\"matchCriteriaId\":\"AE049D0E-4028-4558-B08B-92D3A0716A93\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_data_grid:-:*:*:*:text-only:*:*:*\",\"matchCriteriaId\":\"2BF03A52-4068-47EA-8846-1E5FB708CE1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:-:*:*:*:text-only:*:*:*\",\"matchCriteriaId\":\"B8423D7F-3A8F-4AD8-BF51-245C9D8DD816\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72A54BDA-311C-413B-8E4D-388AD65A170A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_application_runtimes:-:*:*:*:text-only:*:*:*\",\"matchCriteriaId\":\"ADB40F59-CAAE-47D6-850C-12619D8D5B34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_application_runtimes:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"183C1FAB-3101-4155-BAA4-819EE997E436\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:*\",\"matchCriteriaId\":\"341E6313-20D5-44CB-9719-B20585DC5AD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C3AA5CE-9ACB-4E96-A4C1-50A662D641FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4911A72-5FAE-47C5-A141-2E3CA8E1CCAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"645A908C-18C2-4AB1-ACE7-3969E3A552A5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C3AA5CE-9ACB-4E96-A4C1-50A662D641FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4911A72-5FAE-47C5-A141-2E3CA8E1CCAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"645A908C-18C2-4AB1-ACE7-3969E3A552A5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C3AA5CE-9ACB-4E96-A4C1-50A662D641FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4911A72-5FAE-47C5-A141-2E3CA8E1CCAB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E939A0E0-3437-459E-9FAB-FE42811B1D32\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E939A0E0-3437-459E-9FAB-FE42811B1D32\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E939A0E0-3437-459E-9FAB-FE42811B1D32\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*\",\"matchCriteriaId\":\"F3E0B672-3E06-4422-B2A4-0BD073AEC2A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"B55E8D50-99B4-47EC-86F9-699B67D473CE\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2935\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2936\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2937\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2938\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2998\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3044\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3045\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3046\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3050\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2020:0727\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10184\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/undertow-io/undertow/pull/794\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220210-0016/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
rhsa-2019_3050
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.4 serves as a replacement for Red Hat Single Sign-On 7.2.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: cross-realm user access auth bypass (CVE-2019-14832)\n\n* keycloak: adapter endpoints are exposed via arbitrary URLs (CVE-2019-14820)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2019:3050", "url": "https://access.redhat.com/errata/RHSA-2019:3050" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.3", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.3" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", "url": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/" }, { "category": "external", "summary": "1649870", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649870" }, { "category": "external", "summary": "1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "1713468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468" }, { "category": "external", "summary": "1725795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795" }, { "category": "external", "summary": "1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "external", "summary": "1749487", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749487" }, { "category": "external", "summary": "KEYCLOAK-11367", "url": "https://issues.redhat.com/browse/KEYCLOAK-11367" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3050.json" } ], "title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.4 security update", "tracking": { "current_release_date": "2024-11-15T04:10:46+00:00", "generator": { "date": "2024-11-15T04:10:46+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2019:3050", "initial_release_date": "2019-10-14T18:59:06+00:00", "revision_history": [ { "date": "2019-10-14T18:59:06+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-10-14T18:59:06+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T04:10:46+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Single Sign-On 7.3.4 zip", "product": { "name": "Red Hat Single Sign-On 7.3.4 zip", "product_id": "Red Hat Single Sign-On 7.3.4 zip", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_single_sign_on:7.3" } } } ], "category": "product_family", "name": "Red Hat Single Sign-On" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Bart Toersche" ], "organization": "Simacan" } ], "cve": "CVE-2019-10169", "cwe": { "id": "CWE-267", "name": "Privilege Defined With Unsafe Actions" }, "discovery_date": "2019-05-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1721302" } ], "notes": [ { "category": "description", "text": "A flaw was found in Keycloak\u2019s user-managed access interface, where it would permit a script to be set in the UMA policy. This flaw allows an authenticated attacker with UMA permissions to configure a malicious script to trigger and execute arbitrary code with the permissions of the user running application.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: script execution via UMA policy trigger", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.3.4 zip" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10169" }, { "category": "external", "summary": "RHBZ#1721302", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1721302" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10169", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10169" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10169", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10169" } ], "release_date": "2020-04-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T18:59:06+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.3.4 zip" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3050" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7.3.4 zip" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: script execution via UMA policy trigger" }, { "acknowledgments": [ { "names": [ "Bart Toersche" ], "organization": "Simacan" } ], "cve": "CVE-2019-10170", "cwe": { "id": "CWE-267", "name": "Privilege Defined With Unsafe Actions" }, "discovery_date": "2019-05-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1721295" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Keycloak admin console, where the realm management interface permits a script to be set via the policy. This flaw allows an attacker with authenticated user and realm management permissions to configure a malicious script to trigger and execute arbitrary code with the permissions of the application user.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: script execution via realm management policy trigger", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.3.4 zip" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10170" }, { "category": "external", "summary": "RHBZ#1721295", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1721295" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10170", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10170" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10170", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10170" } ], "release_date": "2020-04-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T18:59:06+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.3.4 zip" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3050" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Single Sign-On 7.3.4 zip" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: script execution via realm management policy trigger" }, { "acknowledgments": [ { "names": [ "Christian Schl\u00fcter" ], "organization": "Viada" } ], "cve": "CVE-2019-10184", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "discovery_date": "2019-03-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1713068" } ], "notes": [ { "category": "description", "text": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: Information leak in requests for directories without trailing slashes", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.3.4 zip" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10184" }, { "category": "external", "summary": "RHBZ#1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10184", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10184" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184" } ], "release_date": "2019-07-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T18:59:06+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.3.4 zip" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3050" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Single Sign-On 7.3.4 zip" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "undertow: Information leak in requests for directories without trailing slashes" }, { "cve": "CVE-2019-10212", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2019-07-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1731984" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user\u2019s credentials from the log files.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files", "title": "Vulnerability summary" }, { "category": "other", "text": "All the Red Hat products using the undertow-core jar version 2.0.20 or before are affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.3.4 zip" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10212" }, { "category": "external", "summary": "RHBZ#1731984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731984" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10212", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10212" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10212", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10212" } ], "release_date": "2019-09-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T18:59:06+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.3.4 zip" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3050" }, { "category": "workaround", "details": "Use Elytron instead of legacy Security subsystem.", "product_ids": [ "Red Hat Single Sign-On 7.3.4 zip" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat Single Sign-On 7.3.4 zip" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files" }, { "cve": "CVE-2019-12086", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-05-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1713468" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.3.4 zip" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12086" }, { "category": "external", "summary": "RHBZ#1713468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12086", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12086" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086" } ], "release_date": "2019-05-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T18:59:06+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.3.4 zip" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3050" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat Single Sign-On 7.3.4 zip" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Single Sign-On 7.3.4 zip" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server." }, { "cve": "CVE-2019-12814", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-06-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1725795" } ], "notes": [ { "category": "description", "text": "A new polymorphic typing flaw was discovered in FasterXML jackson-databind, versions 2.x through 2.9.9. With default typing enabled, an attacker can send a specifically crafted JSON message to the server that allows them to read arbitrary local files.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message.", "title": "Vulnerability summary" }, { "category": "other", "text": "* Red Hat Satellite 6 does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability. \n* Red Hat OpenStack\u0027s OpenDaylight does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.3.4 zip" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12814" }, { "category": "external", "summary": "RHBZ#1725795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12814", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12814" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814" } ], "release_date": "2019-06-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T18:59:06+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.3.4 zip" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3050" }, { "category": "workaround", "details": "This vulnerability relies on jdom (org.jdom) or jdom2 (org.jdom2) being present in the application\u0027s ClassPath. Applications using jackson-databind that do not also use jdom or jdom2 are not impacted by this vulnerability.", "product_ids": [ "Red Hat Single Sign-On 7.3.4 zip" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Single Sign-On 7.3.4 zip" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message." }, { "cve": "CVE-2019-14379", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-07-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1737517" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the ehcache and logback JNDI gadgets when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: default typing mishandling leading to remote code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nSimilarly, Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.3.4 zip" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14379" }, { "category": "external", "summary": "RHBZ#1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14379", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14379" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379" } ], "release_date": "2019-07-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T18:59:06+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.3.4 zip" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3050" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat Single Sign-On 7.3.4 zip" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat Single Sign-On 7.3.4 zip" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: default typing mishandling leading to remote code execution" }, { "cve": "CVE-2019-14820", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2018-11-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1649870" } ], "notes": [ { "category": "description", "text": "It was found that keycloak exposes internal adapter endpoints in org.keycloak.constants.AdapterConstants, which can be invoked via a specially-crafted URL. This vulnerability could allow an attacker to access unauthorized information.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: adapter endpoints are exposed via arbitrary URLs", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.3.4 zip" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14820" }, { "category": "external", "summary": "RHBZ#1649870", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649870" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14820", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14820" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14820", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14820" } ], "release_date": "2019-10-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T18:59:06+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.3.4 zip" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3050" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Single Sign-On 7.3.4 zip" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "keycloak: adapter endpoints are exposed via arbitrary URLs" }, { "cve": "CVE-2019-14832", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "discovery_date": "2019-07-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1749487" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Keycloak REST API where it would permit user access from a realm the user was not configured. An authenticated attacker with knowledge of a user id could use this flaw to access unauthorized information or to carry out further attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: cross-realm user access auth bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Single Sign-On 7.3.4 zip" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14832" }, { "category": "external", "summary": "RHBZ#1749487", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749487" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14832", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14832" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14832", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14832" } ], "release_date": "2019-10-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T18:59:06+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat Single Sign-On 7.3.4 zip" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3050" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "Red Hat Single Sign-On 7.3.4 zip" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: cross-realm user access auth bypass" } ] }
rhsa-2020_0727
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for Red Hat Data Grid is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project.\n\nThis release of Red Hat Data Grid 7.3.3 serves as a replacement for Red Hat Data Grid 7.3.2 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\n* HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518)\n\n* xstream: remote code execution due to insecure XML deserialization (regression of CVE-2013-7285) (CVE-2019-10173)\n\n* infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private methods (CVE-2019-10174)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* h2: Information Exposure due to insecure handling of permissions in the backup (CVE-2018-14335)\n\n* wildfly: Race condition on PID file allows for termination of arbitrary processes by local users (CVE-2019-3805)\n\n* undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed (CVE-2019-3888)\n\n* undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files (CVE-2019-10212)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:0727", "url": "https://access.redhat.com/errata/RHSA-2020:0727" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=data.grid\u0026downloadType=patches\u0026version=7.3", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=data.grid\u0026downloadType=patches\u0026version=7.3" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/7.3/html-single/red_hat_data_grid_7.3_release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/7.3/html-single/red_hat_data_grid_7.3_release_notes/index" }, { "category": "external", "summary": "1610877", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1610877" }, { "category": "external", "summary": "1660263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660263" }, { "category": "external", "summary": "1693777", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693777" }, { "category": "external", "summary": "1703469", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1703469" }, { "category": "external", "summary": "1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "1722971", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1722971" }, { "category": "external", "summary": "1731984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731984" }, { "category": "external", "summary": "1735645", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735645" }, { "category": "external", "summary": "1735744", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735744" }, { "category": "external", "summary": "1735745", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735745" }, { "category": "external", "summary": "1735749", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735749" }, { "category": "external", "summary": "1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0727.json" } ], "title": "Red Hat Security Advisory: Red Hat Data Grid 7.3.3 security update", "tracking": { "current_release_date": "2024-11-15T05:19:33+00:00", "generator": { "date": "2024-11-15T05:19:33+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:0727", "initial_release_date": "2020-03-05T12:53:27+00:00", "revision_history": [ { "date": "2020-03-05T12:53:27+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-03-05T12:53:27+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T05:19:33+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Data Grid 7.3.3", "product": { "name": "Red Hat Data Grid 7.3.3", "product_id": "Red Hat Data Grid 7.3.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_data_grid:7.3" } } } ], "category": "product_family", "name": "Red Hat JBoss Data Grid" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-14335", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2018-07-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1610877" } ], "notes": [ { "category": "description", "text": "An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file.", "title": "Vulnerability description" }, { "category": "summary", "text": "h2: Information Exposure due to insecure handling of permissions in the backup", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14335" }, { "category": "external", "summary": "RHBZ#1610877", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1610877" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14335", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14335" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14335", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14335" } ], "release_date": "2018-07-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-05T12:53:27+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.3 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.3 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0727" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Data Grid 7.3.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "h2: Information Exposure due to insecure handling of permissions in the backup" }, { "acknowledgments": [ { "names": [ "Daniel Le Gall" ], "organization": "SCRT Information Security" } ], "cve": "CVE-2019-3805", "cwe": { "id": "CWE-364", "name": "Signal Handler Race Condition" }, "discovery_date": "2018-11-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1660263" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in wildfly that would allow local users, who are able to execute init.d script, to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root.", "title": "Vulnerability description" }, { "category": "summary", "text": "wildfly: Race condition on PID file allows for termination of arbitrary processes by local users", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-3805" }, { "category": "external", "summary": "RHBZ#1660263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660263" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-3805", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3805" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3805", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3805" } ], "release_date": "2019-04-30T17:12:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-05T12:53:27+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.3 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.3 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0727" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "Red Hat Data Grid 7.3.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "wildfly: Race condition on PID file allows for termination of arbitrary processes by local users" }, { "acknowledgments": [ { "names": [ "Carter Kozak" ] } ], "cve": "CVE-2019-3888", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2019-03-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1693777" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFailed(t, exchange)", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-3888" }, { "category": "external", "summary": "RHBZ#1693777", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693777" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-3888", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3888" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3888", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3888" } ], "release_date": "2019-06-10T15:13:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-05T12:53:27+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.3 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.3 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0727" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Data Grid 7.3.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed" }, { "acknowledgments": [ { "names": [ "the Envoy security team" ] } ], "cve": "CVE-2019-9512", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-08-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1735645" } ], "notes": [ { "category": "description", "text": "A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "HTTP/2: flood using PING frames results in unbounded memory growth", "title": "Vulnerability summary" }, { "category": "other", "text": "The golang package in Red Hat OpenStack Platform 9 Operational Tools will not be updated for this flaw because it is in technical preview and is retiring as of 24.Aug.2019.\nThis issue did not affect the versions of grafana(embeds golang) as shipped with Red Hat Ceph Storage 2 and Red Hat Gluster Storage 3 as they did not include the support for HTTP/2.\nThe following storage product versions are affected because they include the support for HTTP/2 in:\n* golang as shipped with Red Hat Gluster Storage 3, Red Hat Ceph Storage 2 and Red Hat Ceph Storage 3\n* heketi(embeds golang) as shipped with Red Hat Gluster Storage 3\n* grafana(embeds golang and grpc) as shipped with Red Hat Ceph Storage 3\nThis flaw has no available mitigation for packages golang and nodejs. Both packages will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.\n\nAll OpenShift Container Platform RPMs and container images that are built with Go and support HTTP/2 are vulnerable to this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-9512" }, { "category": "external", "summary": "RHBZ#1735645", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735645" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-9512", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9512" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9512", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9512" }, { "category": "external", "summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md", "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md" }, { "category": "external", "summary": "https://groups.google.com/forum/#!topic/golang-announce/65QixT3tcmg", "url": "https://groups.google.com/forum/#!topic/golang-announce/65QixT3tcmg" }, { "category": "external", "summary": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wlHLHit1BqA", "url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wlHLHit1BqA" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/" }, { "category": "external", "summary": "https://www.mail-archive.com/grpc-io@googlegroups.com/msg06408.html", "url": "https://www.mail-archive.com/grpc-io@googlegroups.com/msg06408.html" } ], "release_date": "2019-08-13T17:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-05T12:53:27+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.3 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.3 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0727" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "Red Hat Data Grid 7.3.3" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "HTTP/2: flood using PING frames results in unbounded memory growth" }, { "acknowledgments": [ { "names": [ "the Envoy security team" ] } ], "cve": "CVE-2019-9514", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-08-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1735744" } ], "notes": [ { "category": "description", "text": "A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RST_STREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "HTTP/2: flood using HEADERS frames results in unbounded memory growth", "title": "Vulnerability summary" }, { "category": "other", "text": "The golang package in Red Hat OpenStack Platform 9 Operational Tools will not be updated for this flaw because it is in technical preview and is retiring as of 24.Aug.2019.\nThis issue did not affect the versions of grafana(embeds golang) as shipped with Red Hat Ceph Storage 2 and Red Hat Gluster Storage 3 as they did not include the support for HTTP/2.\nThe following storage product versions are affected because they include the support for HTTP/2 in:\n* golang as shipped with Red Hat Gluster Storage 3, Red Hat Ceph Storage 2 and Red Hat Ceph Storage 3\n* heketi(embeds golang) as shipped with Red Hat Gluster Storage 3\n* grafana(embeds golang and grpc) as shipped with Red Hat Ceph Storage 3\nThis flaw has no available mitigation for packages golang and nodejs. Both packages will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.\n\nAll OpenShift Container Platform RPMs and container images that are built with Go and support HTTP/2 are vulnerable to this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-9514" }, { "category": "external", "summary": "RHBZ#1735744", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735744" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-9514", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9514" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9514", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9514" }, { "category": "external", "summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md", "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md" }, { "category": "external", "summary": "https://groups.google.com/forum/#!topic/golang-announce/65QixT3tcmg", "url": "https://groups.google.com/forum/#!topic/golang-announce/65QixT3tcmg" }, { "category": "external", "summary": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wlHLHit1BqA", "url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wlHLHit1BqA" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/" }, { "category": "external", "summary": "https://www.mail-archive.com/grpc-io@googlegroups.com/msg06408.html", "url": "https://www.mail-archive.com/grpc-io@googlegroups.com/msg06408.html" } ], "release_date": "2019-08-13T17:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-05T12:53:27+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.3 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.3 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0727" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "Red Hat Data Grid 7.3.3" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "HTTP/2: flood using HEADERS frames results in unbounded memory growth" }, { "acknowledgments": [ { "names": [ "the Envoy security team" ] } ], "cve": "CVE-2019-9515", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-08-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1735745" } ], "notes": [ { "category": "description", "text": "A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "HTTP/2: flood using SETTINGS frames results in unbounded memory growth", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the version of grafana(embeds gRPC) as shipped with Red Hat Ceph Storage 3 as it include the support for HTTP/2.\nThis flaw has no available mitigation for nodejs package. It will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-9515" }, { "category": "external", "summary": "RHBZ#1735745", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735745" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-9515", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9515" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9515", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9515" }, { "category": "external", "summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md", "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/" }, { "category": "external", "summary": "https://www.mail-archive.com/grpc-io@googlegroups.com/msg06408.html", "url": "https://www.mail-archive.com/grpc-io@googlegroups.com/msg06408.html" } ], "release_date": "2019-08-13T17:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-05T12:53:27+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.3 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.3 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0727" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "Red Hat Data Grid 7.3.3" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "HTTP/2: flood using SETTINGS frames results in unbounded memory growth" }, { "acknowledgments": [ { "names": [ "the Envoy security team" ] } ], "cve": "CVE-2019-9518", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-08-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1735749" } ], "notes": [ { "category": "description", "text": "A flaw was found in HTTP/2. Using frames with an empty payload, a flood could occur that results in excessive CPU usage and starvation of other clients. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "HTTP/2: flood using empty frames results in excessive resource consumption", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw has no available mitigation for nodejs package. It will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-9518" }, { "category": "external", "summary": "RHBZ#1735749", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735749" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-9518", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9518" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9518", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9518" }, { "category": "external", "summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md", "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/" } ], "release_date": "2019-08-13T17:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-05T12:53:27+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.3 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.3 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0727" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "Red Hat Data Grid 7.3.3" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "HTTP/2: flood using empty frames results in excessive resource consumption" }, { "cve": "CVE-2019-10173", "cwe": { "id": "CWE-94", "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)" }, "discovery_date": "2019-06-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1722971" } ], "notes": [ { "category": "description", "text": "It was found that xstream API version 1.4.10 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands when unmarshalling XML or any supported format. This a regression of CVE-2013-7285 fixed in 1.4.7 (fixed) as of BPMS 6.0.1, the regression was introduced with xstream-1.4.10 implemented in RHPAM.", "title": "Vulnerability description" }, { "category": "summary", "text": "xstream: remote code execution due to insecure XML deserialization (regression of CVE-2013-7285)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10173" }, { "category": "external", "summary": "RHBZ#1722971", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1722971" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10173", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10173" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10173", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10173" }, { "category": "external", "summary": "http://x-stream.github.io/changes.html#1.4.11", "url": "http://x-stream.github.io/changes.html#1.4.11" } ], "release_date": "2018-10-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-05T12:53:27+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.3 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.3 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0727" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "Red Hat Data Grid 7.3.3" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "xstream: remote code execution due to insecure XML deserialization (regression of CVE-2013-7285)" }, { "cve": "CVE-2019-10174", "cwe": { "id": "CWE-470", "name": "Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)" }, "discovery_date": "2018-10-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1703469" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan\u0027s privileges. The attacker can use reflection to introduce new, malicious behavior into the application.", "title": "Vulnerability description" }, { "category": "summary", "text": "infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform\u0027s OpenDaylight contains the vulnerable library. This library is a requirement of other dependencies (Karaf and Hibernate). Under supported deployments, the vulnerable functionality is not utilized. Based on this, no OpenDaylight versions will not be fixed.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10174" }, { "category": "external", "summary": "RHBZ#1703469", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1703469" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10174", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10174" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10174", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10174" } ], "release_date": "2019-11-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-05T12:53:27+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.3 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.3 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0727" }, { "category": "workaround", "details": "There is no known mitigation for this issue.", "product_ids": [ "Red Hat Data Grid 7.3.3" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat Data Grid 7.3.3" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private methods" }, { "acknowledgments": [ { "names": [ "Christian Schl\u00fcter" ], "organization": "Viada" } ], "cve": "CVE-2019-10184", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "discovery_date": "2019-03-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1713068" } ], "notes": [ { "category": "description", "text": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: Information leak in requests for directories without trailing slashes", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10184" }, { "category": "external", "summary": "RHBZ#1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10184", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10184" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184" } ], "release_date": "2019-07-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-05T12:53:27+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.3 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.3 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0727" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Data Grid 7.3.3" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "undertow: Information leak in requests for directories without trailing slashes" }, { "cve": "CVE-2019-10212", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2019-07-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1731984" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user\u2019s credentials from the log files.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files", "title": "Vulnerability summary" }, { "category": "other", "text": "All the Red Hat products using the undertow-core jar version 2.0.20 or before are affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10212" }, { "category": "external", "summary": "RHBZ#1731984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731984" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10212", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10212" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10212", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10212" } ], "release_date": "2019-09-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-05T12:53:27+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.3 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.3 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0727" }, { "category": "workaround", "details": "Use Elytron instead of legacy Security subsystem.", "product_ids": [ "Red Hat Data Grid 7.3.3" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat Data Grid 7.3.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files" }, { "cve": "CVE-2019-14379", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-07-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1737517" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the ehcache and logback JNDI gadgets when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: default typing mishandling leading to remote code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nSimilarly, Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14379" }, { "category": "external", "summary": "RHBZ#1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14379", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14379" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379" } ], "release_date": "2019-07-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-05T12:53:27+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.3 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.3 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0727" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat Data Grid 7.3.3" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat Data Grid 7.3.3" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: default typing mishandling leading to remote code execution" } ] }
rhsa-2019_2938
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "This release of Red Hat JBoss Enterprise Application Platform 7.2.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.3, and includes bug fixes and enhancements. Refer to the Red Hat JBoss Enterprise Application Platform 7.2.4 Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files (CVE-2019-10212)\n\n* codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities (CVE-2019-10202)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2019:2938", "url": "https://access.redhat.com/errata/RHSA-2019:2938" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.2", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.2" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/" }, { "category": "external", "summary": "1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "1713468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468" }, { "category": "external", "summary": "1725795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795" }, { "category": "external", "summary": "1725807", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725807" }, { "category": "external", "summary": "1731271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731271" }, { "category": "external", "summary": "1731984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731984" }, { "category": "external", "summary": "1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "external", "summary": "JBEAP-16455", "url": "https://issues.redhat.com/browse/JBEAP-16455" }, { "category": "external", "summary": "JBEAP-16779", "url": "https://issues.redhat.com/browse/JBEAP-16779" }, { "category": "external", "summary": "JBEAP-17045", "url": "https://issues.redhat.com/browse/JBEAP-17045" }, { "category": "external", "summary": "JBEAP-17062", "url": "https://issues.redhat.com/browse/JBEAP-17062" }, { "category": "external", "summary": "JBEAP-17073", "url": "https://issues.redhat.com/browse/JBEAP-17073" }, { "category": "external", "summary": "JBEAP-17109", "url": "https://issues.redhat.com/browse/JBEAP-17109" }, { "category": "external", "summary": "JBEAP-17112", "url": "https://issues.redhat.com/browse/JBEAP-17112" }, { "category": "external", "summary": "JBEAP-17162", "url": "https://issues.redhat.com/browse/JBEAP-17162" }, { "category": "external", "summary": "JBEAP-17178", "url": "https://issues.redhat.com/browse/JBEAP-17178" }, { "category": "external", "summary": "JBEAP-17182", "url": "https://issues.redhat.com/browse/JBEAP-17182" }, { "category": "external", "summary": "JBEAP-17183", "url": "https://issues.redhat.com/browse/JBEAP-17183" }, { "category": "external", "summary": "JBEAP-17223", "url": "https://issues.redhat.com/browse/JBEAP-17223" }, { "category": "external", "summary": "JBEAP-17238", "url": "https://issues.redhat.com/browse/JBEAP-17238" }, { "category": "external", "summary": "JBEAP-17250", "url": "https://issues.redhat.com/browse/JBEAP-17250" }, { "category": "external", "summary": "JBEAP-17271", "url": "https://issues.redhat.com/browse/JBEAP-17271" }, { "category": "external", "summary": "JBEAP-17273", "url": "https://issues.redhat.com/browse/JBEAP-17273" }, { "category": "external", "summary": "JBEAP-17274", "url": "https://issues.redhat.com/browse/JBEAP-17274" }, { "category": "external", "summary": "JBEAP-17276", "url": "https://issues.redhat.com/browse/JBEAP-17276" }, { "category": "external", "summary": "JBEAP-17277", "url": "https://issues.redhat.com/browse/JBEAP-17277" }, { "category": "external", "summary": "JBEAP-17278", "url": "https://issues.redhat.com/browse/JBEAP-17278" }, { "category": "external", "summary": "JBEAP-17294", "url": "https://issues.redhat.com/browse/JBEAP-17294" }, { "category": "external", "summary": "JBEAP-17311", "url": "https://issues.redhat.com/browse/JBEAP-17311" }, { "category": "external", "summary": "JBEAP-17320", "url": "https://issues.redhat.com/browse/JBEAP-17320" }, { "category": "external", "summary": "JBEAP-17321", "url": "https://issues.redhat.com/browse/JBEAP-17321" }, { "category": "external", "summary": "JBEAP-17334", "url": "https://issues.redhat.com/browse/JBEAP-17334" }, { "category": "external", "summary": "JBEAP-17527", "url": "https://issues.redhat.com/browse/JBEAP-17527" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_2938.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.4 security update", "tracking": { "current_release_date": "2024-11-15T04:10:44+00:00", "generator": { "date": "2024-11-15T04:10:44+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2019:2938", "initial_release_date": "2019-09-30T22:57:56+00:00", "revision_history": [ { "date": "2019-09-30T22:57:56+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-09-30T22:57:56+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T04:10:44+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss EAP 7.2", "product": { "name": "Red Hat JBoss EAP 7.2", "product_id": "Red Hat JBoss EAP 7.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Christian Schl\u00fcter" ], "organization": "Viada" } ], "cve": "CVE-2019-10184", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "discovery_date": "2019-03-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1713068" } ], "notes": [ { "category": "description", "text": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: Information leak in requests for directories without trailing slashes", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10184" }, { "category": "external", "summary": "RHBZ#1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10184", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10184" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184" } ], "release_date": "2019-07-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-09-30T22:57:56+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss EAP 7.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2938" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7.2" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "undertow: Information leak in requests for directories without trailing slashes" }, { "cve": "CVE-2019-10202", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-06-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1731271" } ], "notes": [ { "category": "description", "text": "A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7. This CVE fixes CVE-2017-17485, CVE-2017-7525, CVE-2017-15095, CVE-2018-5968, CVE-2018-7489, CVE-2018-1000873, CVE-2019-12086 reported for FasterXML jackson-databind by implementing a whitelist approach that will mitigate these vulnerabilities and future ones alike.", "title": "Vulnerability description" }, { "category": "summary", "text": "codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10202" }, { "category": "external", "summary": "RHBZ#1731271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731271" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10202", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10202" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10202", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10202" } ], "release_date": "2019-09-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-09-30T22:57:56+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss EAP 7.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2938" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7.2" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities" }, { "cve": "CVE-2019-10212", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2019-07-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1731984" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user\u2019s credentials from the log files.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files", "title": "Vulnerability summary" }, { "category": "other", "text": "All the Red Hat products using the undertow-core jar version 2.0.20 or before are affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10212" }, { "category": "external", "summary": "RHBZ#1731984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731984" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10212", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10212" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10212", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10212" } ], "release_date": "2019-09-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-09-30T22:57:56+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss EAP 7.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2938" }, { "category": "workaround", "details": "Use Elytron instead of legacy Security subsystem.", "product_ids": [ "Red Hat JBoss EAP 7.2" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7.2" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files" }, { "cve": "CVE-2019-12086", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-05-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1713468" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12086" }, { "category": "external", "summary": "RHBZ#1713468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12086", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12086" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086" } ], "release_date": "2019-05-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-09-30T22:57:56+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss EAP 7.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2938" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat JBoss EAP 7.2" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7.2" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server." }, { "cve": "CVE-2019-12384", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-06-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1725807" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in FasterXML jackson-databind in versions prior to 2.9.9. The vulnerability would permit polymorphic deserialization of malicious objects using the logback-core gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. Depending on the classpath content, remote code execution may be possible.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack\u0027s OpenDaylight does not use logback in any supported configuration. Therefore, the prerequisites for this vulnerability are not present and OpenDaylight is not affected.\n\nThis vulnerability relies on logback-core (ch.qos.logback.core) being present in the application\u0027s ClassPath. Logback-core is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use logback-core are not impacted by this vulnerability.\n\nThis issue affects the versions of jackson-databind bundled with candlepin as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12384" }, { "category": "external", "summary": "RHBZ#1725807", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725807" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12384", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12384" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12384", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12384" } ], "release_date": "2019-06-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-09-30T22:57:56+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss EAP 7.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2938" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat JBoss EAP 7.2" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7.2" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution" }, { "cve": "CVE-2019-12814", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-06-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1725795" } ], "notes": [ { "category": "description", "text": "A new polymorphic typing flaw was discovered in FasterXML jackson-databind, versions 2.x through 2.9.9. With default typing enabled, an attacker can send a specifically crafted JSON message to the server that allows them to read arbitrary local files.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message.", "title": "Vulnerability summary" }, { "category": "other", "text": "* Red Hat Satellite 6 does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability. \n* Red Hat OpenStack\u0027s OpenDaylight does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12814" }, { "category": "external", "summary": "RHBZ#1725795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12814", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12814" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814" } ], "release_date": "2019-06-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-09-30T22:57:56+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss EAP 7.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2938" }, { "category": "workaround", "details": "This vulnerability relies on jdom (org.jdom) or jdom2 (org.jdom2) being present in the application\u0027s ClassPath. Applications using jackson-databind that do not also use jdom or jdom2 are not impacted by this vulnerability.", "product_ids": [ "Red Hat JBoss EAP 7.2" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7.2" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message." }, { "cve": "CVE-2019-14379", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-07-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1737517" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the ehcache and logback JNDI gadgets when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: default typing mishandling leading to remote code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nSimilarly, Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14379" }, { "category": "external", "summary": "RHBZ#1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14379", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14379" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379" } ], "release_date": "2019-07-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-09-30T22:57:56+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss EAP 7.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2938" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat JBoss EAP 7.2" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7.2" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: default typing mishandling leading to remote code execution" }, { "cve": "CVE-2019-19343", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-12-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1780445" } ], "notes": [ { "category": "description", "text": "A flaw was found in Undertow when using Remoting as shipped in Red Hat Jboss EAP before version 7.2.4. A memory leak in HttpOpenListener due to holding remote connections indefinitely may lead to denial of service. Versions before undertow 2.0.25.SP1 and jboss-remoting 5.0.14.SP1 are believed to be vulnerable.", "title": "Vulnerability description" }, { "category": "summary", "text": "Undertow: Memory Leak in Undertow HttpOpenListener due to holding remoting connections indefinitely", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19343" }, { "category": "external", "summary": "RHBZ#1780445", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1780445" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19343", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19343" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19343", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19343" } ], "release_date": "2019-12-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-09-30T22:57:56+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss EAP 7.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2938" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7.2" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Undertow: Memory Leak in Undertow HttpOpenListener due to holding remoting connections indefinitely" } ] }
rhsa-2019_3045
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "New Red Hat Single Sign-On 7.3.4 packages are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.4 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.3.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: cross-realm user access auth bypass (CVE-2019-14832)\n\n* keycloak: adapter endpoints are exposed via arbitrary URLs (CVE-2019-14820)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2019:3045", "url": "https://access.redhat.com/errata/RHSA-2019:3045" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", "url": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/" }, { "category": "external", "summary": "1649870", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649870" }, { "category": "external", "summary": "1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "1713468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468" }, { "category": "external", "summary": "1725795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795" }, { "category": "external", "summary": "1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "external", "summary": "1749487", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749487" }, { "category": "external", "summary": "KEYCLOAK-11455", "url": "https://issues.redhat.com/browse/KEYCLOAK-11455" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3045.json" } ], "title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.4 security update on RHEL 7", "tracking": { "current_release_date": "2024-11-15T04:11:20+00:00", "generator": { "date": "2024-11-15T04:11:20+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2019:3045", "initial_release_date": "2019-10-14T18:29:54+00:00", "revision_history": [ { "date": "2019-10-14T18:29:54+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-10-14T18:29:54+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T04:11:20+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Single Sign-On 7.3 for RHEL 7 Server", "product": { "name": "Red Hat Single Sign-On 7.3 for RHEL 7 Server", "product_id": "7Server-RHSSO-7.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7::el7" } } } ], "category": "product_family", "name": "Red Hat Single Sign-On" }, { "branches": [ { "category": "product_version", "name": "rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "product": { "name": "rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "product_id": "rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-libunix-dbus-java@0.8.0-2.el7sso?arch=x86_64" } } }, { "category": "product_version", "name": "rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64", "product": { "name": "rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64", "product_id": "rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-libunix-dbus-java-devel@0.8.0-2.el7sso?arch=x86_64" } } }, { "category": "product_version", "name": "rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "product": { "name": "rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "product_id": "rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-libunix-dbus-java-debuginfo@0.8.0-2.el7sso?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "product": { "name": "rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "product_id": "rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-libunix-dbus-java@0.8.0-2.el7sso?arch=src" } } }, { "category": "product_version", "name": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "product": { "name": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "product_id": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-keycloak@4.8.13-1.Final_redhat_00001.1.el7sso?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "product": { "name": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "product_id": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-keycloak@4.8.13-1.Final_redhat_00001.1.el7sso?arch=noarch" } } }, { "category": "product_version", "name": "rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "product": { "name": "rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "product_id": "rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-keycloak-server@4.8.13-1.Final_redhat_00001.1.el7sso?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 7 Server", "product_id": "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch" }, "product_reference": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "relates_to_product_reference": "7Server-RHSSO-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src as a component of Red Hat Single Sign-On 7.3 for RHEL 7 Server", "product_id": "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src" }, "product_reference": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "relates_to_product_reference": "7Server-RHSSO-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 7 Server", "product_id": "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch" }, "product_reference": "rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "relates_to_product_reference": "7Server-RHSSO-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src as a component of Red Hat Single Sign-On 7.3 for RHEL 7 Server", "product_id": "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src" }, "product_reference": "rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "relates_to_product_reference": "7Server-RHSSO-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64 as a component of Red Hat Single Sign-On 7.3 for RHEL 7 Server", "product_id": "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64" }, "product_reference": "rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "relates_to_product_reference": "7Server-RHSSO-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64 as a component of Red Hat Single Sign-On 7.3 for RHEL 7 Server", "product_id": "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64" }, "product_reference": "rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "relates_to_product_reference": "7Server-RHSSO-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64 as a component of Red Hat Single Sign-On 7.3 for RHEL 7 Server", "product_id": "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" }, "product_reference": "rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64", "relates_to_product_reference": "7Server-RHSSO-7.3" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Christian Schl\u00fcter" ], "organization": "Viada" } ], "cve": "CVE-2019-10184", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "discovery_date": "2019-03-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1713068" } ], "notes": [ { "category": "description", "text": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: Information leak in requests for directories without trailing slashes", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10184" }, { "category": "external", "summary": "RHBZ#1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10184", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10184" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184" } ], "release_date": "2019-07-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T18:29:54+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "undertow: Information leak in requests for directories without trailing slashes" }, { "cve": "CVE-2019-12086", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-05-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1713468" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12086" }, { "category": "external", "summary": "RHBZ#1713468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12086", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12086" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086" } ], "release_date": "2019-05-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T18:29:54+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3045" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server." }, { "cve": "CVE-2019-12814", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-06-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1725795" } ], "notes": [ { "category": "description", "text": "A new polymorphic typing flaw was discovered in FasterXML jackson-databind, versions 2.x through 2.9.9. With default typing enabled, an attacker can send a specifically crafted JSON message to the server that allows them to read arbitrary local files.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message.", "title": "Vulnerability summary" }, { "category": "other", "text": "* Red Hat Satellite 6 does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability. \n* Red Hat OpenStack\u0027s OpenDaylight does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12814" }, { "category": "external", "summary": "RHBZ#1725795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12814", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12814" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814" } ], "release_date": "2019-06-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T18:29:54+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3045" }, { "category": "workaround", "details": "This vulnerability relies on jdom (org.jdom) or jdom2 (org.jdom2) being present in the application\u0027s ClassPath. Applications using jackson-databind that do not also use jdom or jdom2 are not impacted by this vulnerability.", "product_ids": [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message." }, { "cve": "CVE-2019-14379", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-07-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1737517" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the ehcache and logback JNDI gadgets when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: default typing mishandling leading to remote code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nSimilarly, Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14379" }, { "category": "external", "summary": "RHBZ#1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14379", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14379" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379" } ], "release_date": "2019-07-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T18:29:54+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3045" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: default typing mishandling leading to remote code execution" }, { "cve": "CVE-2019-14820", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2018-11-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1649870" } ], "notes": [ { "category": "description", "text": "It was found that keycloak exposes internal adapter endpoints in org.keycloak.constants.AdapterConstants, which can be invoked via a specially-crafted URL. This vulnerability could allow an attacker to access unauthorized information.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: adapter endpoints are exposed via arbitrary URLs", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14820" }, { "category": "external", "summary": "RHBZ#1649870", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649870" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14820", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14820" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14820", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14820" } ], "release_date": "2019-10-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T18:29:54+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "keycloak: adapter endpoints are exposed via arbitrary URLs" }, { "cve": "CVE-2019-14832", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "discovery_date": "2019-07-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1749487" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Keycloak REST API where it would permit user access from a realm the user was not configured. An authenticated attacker with knowledge of a user id could use this flaw to access unauthorized information or to carry out further attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: cross-realm user access auth bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14832" }, { "category": "external", "summary": "RHBZ#1749487", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749487" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14832", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14832" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14832", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14832" } ], "release_date": "2019-10-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T18:29:54+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3045" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el7sso.noarch", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.src", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-debuginfo-0:0.8.0-2.el7sso.x86_64", "7Server-RHSSO-7.3:rh-sso7-libunix-dbus-java-devel-0:0.8.0-2.el7sso.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: cross-realm user access auth bypass" } ] }
rhsa-2019_2998
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat OpenShift Application Runtimes.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications (monoliths and microservices) for OpenShift as a containerized platform.\n\nThis release of RHOAR Thorntail 2.5.0 serves as a replacement for RHOAR Thorntail 2.4.0, and includes security and bug fixes and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* keycloak: session hijack using the user access token (CVE-2019-3868)\n\n* undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed (CVE-2019-3888)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)\n\n* undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files (CVE-2019-10212)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2019:2998", "url": "https://access.redhat.com/errata/RHSA-2019:2998" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.thorntail\u0026version=2.5.0", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.thorntail\u0026version=2.5.0" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_openshift_application_runtimes/1/html/release_notes_for_thorntail_2/", "url": "https://access.redhat.com/documentation/en-us/red_hat_openshift_application_runtimes/1/html/release_notes_for_thorntail_2/" }, { "category": "external", "summary": "1679144", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1679144" }, { "category": "external", "summary": "1693777", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693777" }, { "category": "external", "summary": "1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "1713468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468" }, { "category": "external", "summary": "1725807", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725807" }, { "category": "external", "summary": "1731984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731984" }, { "category": "external", "summary": "1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_2998.json" } ], "title": "Red Hat Security Advisory: Red Hat OpenShift Application Runtimes Thorntail 2.5.0 security \u0026 bug fix update", "tracking": { "current_release_date": "2024-11-15T05:17:36+00:00", "generator": { "date": "2024-11-15T05:17:36+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2019:2998", "initial_release_date": "2019-10-10T09:54:27+00:00", "revision_history": [ { "date": "2019-10-10T09:54:27+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-10-10T09:54:27+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T05:17:36+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Text-Only RHOAR", "product": { "name": "Text-Only RHOAR", "product_id": "Text-Only RHOAR", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0" } } } ], "category": "product_family", "name": "Red Hat OpenShift Application Runtimes" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Caranzo Gideon", "Muzamil Muein", "Siddiqui Najam" ], "organization": "Gemalto E\u0026C" } ], "cve": "CVE-2019-3868", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-02-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1679144" } ], "notes": [ { "category": "description", "text": "Keycloak up to version 6.0.0 allows the end user token (access or id token JWT) to be used as the session cookie for browser sessions for OIDC. As a result an attacker with access to service provider backend could hijack user\u2019s browser session.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: session hijack using the user access token", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Text-Only RHOAR" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-3868" }, { "category": "external", "summary": "RHBZ#1679144", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1679144" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-3868", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3868" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3868", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3868" } ], "release_date": "2019-04-23T16:59:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-10T09:54:27+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Text-Only RHOAR" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2998" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.8, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "Text-Only RHOAR" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: session hijack using the user access token" }, { "acknowledgments": [ { "names": [ "Carter Kozak" ] } ], "cve": "CVE-2019-3888", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2019-03-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1693777" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFailed(t, exchange)", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Text-Only RHOAR" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-3888" }, { "category": "external", "summary": "RHBZ#1693777", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693777" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-3888", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3888" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3888", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3888" } ], "release_date": "2019-06-10T15:13:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-10T09:54:27+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Text-Only RHOAR" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2998" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Text-Only RHOAR" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed" }, { "acknowledgments": [ { "names": [ "Christian Schl\u00fcter" ], "organization": "Viada" } ], "cve": "CVE-2019-10184", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "discovery_date": "2019-03-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1713068" } ], "notes": [ { "category": "description", "text": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: Information leak in requests for directories without trailing slashes", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Text-Only RHOAR" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10184" }, { "category": "external", "summary": "RHBZ#1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10184", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10184" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184" } ], "release_date": "2019-07-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-10T09:54:27+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Text-Only RHOAR" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2998" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "Text-Only RHOAR" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "undertow: Information leak in requests for directories without trailing slashes" }, { "cve": "CVE-2019-10212", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2019-07-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1731984" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user\u2019s credentials from the log files.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files", "title": "Vulnerability summary" }, { "category": "other", "text": "All the Red Hat products using the undertow-core jar version 2.0.20 or before are affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Text-Only RHOAR" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10212" }, { "category": "external", "summary": "RHBZ#1731984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731984" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10212", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10212" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10212", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10212" } ], "release_date": "2019-09-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-10T09:54:27+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Text-Only RHOAR" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2998" }, { "category": "workaround", "details": "Use Elytron instead of legacy Security subsystem.", "product_ids": [ "Text-Only RHOAR" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N", "version": "3.0" }, "products": [ "Text-Only RHOAR" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files" }, { "cve": "CVE-2019-12086", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-05-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1713468" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Text-Only RHOAR" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12086" }, { "category": "external", "summary": "RHBZ#1713468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12086", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12086" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086" } ], "release_date": "2019-05-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-10T09:54:27+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Text-Only RHOAR" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2998" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Text-Only RHOAR" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Text-Only RHOAR" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server." }, { "cve": "CVE-2019-12384", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-06-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1725807" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in FasterXML jackson-databind in versions prior to 2.9.9. The vulnerability would permit polymorphic deserialization of malicious objects using the logback-core gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. Depending on the classpath content, remote code execution may be possible.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack\u0027s OpenDaylight does not use logback in any supported configuration. Therefore, the prerequisites for this vulnerability are not present and OpenDaylight is not affected.\n\nThis vulnerability relies on logback-core (ch.qos.logback.core) being present in the application\u0027s ClassPath. Logback-core is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use logback-core are not impacted by this vulnerability.\n\nThis issue affects the versions of jackson-databind bundled with candlepin as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Text-Only RHOAR" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12384" }, { "category": "external", "summary": "RHBZ#1725807", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725807" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12384", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12384" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12384", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12384" } ], "release_date": "2019-06-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-10T09:54:27+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Text-Only RHOAR" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2998" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Text-Only RHOAR" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Text-Only RHOAR" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution" }, { "cve": "CVE-2019-14379", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-07-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1737517" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the ehcache and logback JNDI gadgets when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: default typing mishandling leading to remote code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nSimilarly, Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Text-Only RHOAR" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14379" }, { "category": "external", "summary": "RHBZ#1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14379", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14379" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379" } ], "release_date": "2019-07-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-10T09:54:27+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Text-Only RHOAR" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2998" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Text-Only RHOAR" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Text-Only RHOAR" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: default typing mishandling leading to remote code execution" } ] }
rhsa-2019_3044
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "New Red Hat Single Sign-On 7.3.4 packages are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.4 on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.3.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: cross-realm user access auth bypass (CVE-2019-14832)\n\n* keycloak: adapter endpoints are exposed via arbitrary URLs (CVE-2019-14820)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2019:3044", "url": "https://access.redhat.com/errata/RHSA-2019:3044" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", "url": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/" }, { "category": "external", "summary": "1649870", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649870" }, { "category": "external", "summary": "1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "1713468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468" }, { "category": "external", "summary": "1725795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795" }, { "category": "external", "summary": "1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "external", "summary": "1749487", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749487" }, { "category": "external", "summary": "KEYCLOAK-11454", "url": "https://issues.redhat.com/browse/KEYCLOAK-11454" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3044.json" } ], "title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.4 security update on RHEL 6", "tracking": { "current_release_date": "2024-11-15T04:11:14+00:00", "generator": { "date": "2024-11-15T04:11:14+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2019:3044", "initial_release_date": "2019-10-14T18:29:48+00:00", "revision_history": [ { "date": "2019-10-14T18:29:48+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-10-14T18:29:48+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T04:11:14+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Single Sign-On 7.3 for RHEL 6 Server", "product": { "name": "Red Hat Single Sign-On 7.3 for RHEL 6 Server", "product_id": "6Server-RHSSO-7.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7::el6" } } } ], "category": "product_family", "name": "Red Hat Single Sign-On" }, { "branches": [ { "category": "product_version", "name": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "product": { "name": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "product_id": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-keycloak@4.8.13-1.Final_redhat_00001.1.el6sso?arch=noarch" } } }, { "category": "product_version", "name": "rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "product": { "name": "rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "product_id": "rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-keycloak-server@4.8.13-1.Final_redhat_00001.1.el6sso?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "product": { "name": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "product_id": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-keycloak@4.8.13-1.Final_redhat_00001.1.el6sso?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 6 Server", "product_id": "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" }, "product_reference": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "relates_to_product_reference": "6Server-RHSSO-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src as a component of Red Hat Single Sign-On 7.3 for RHEL 6 Server", "product_id": "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src" }, "product_reference": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "relates_to_product_reference": "6Server-RHSSO-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 6 Server", "product_id": "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" }, "product_reference": "rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "relates_to_product_reference": "6Server-RHSSO-7.3" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Christian Schl\u00fcter" ], "organization": "Viada" } ], "cve": "CVE-2019-10184", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "discovery_date": "2019-03-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1713068" } ], "notes": [ { "category": "description", "text": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: Information leak in requests for directories without trailing slashes", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10184" }, { "category": "external", "summary": "RHBZ#1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10184", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10184" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184" } ], "release_date": "2019-07-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T18:29:48+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "undertow: Information leak in requests for directories without trailing slashes" }, { "cve": "CVE-2019-12086", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-05-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1713468" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12086" }, { "category": "external", "summary": "RHBZ#1713468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12086", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12086" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086" } ], "release_date": "2019-05-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T18:29:48+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3044" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server." }, { "cve": "CVE-2019-12814", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-06-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1725795" } ], "notes": [ { "category": "description", "text": "A new polymorphic typing flaw was discovered in FasterXML jackson-databind, versions 2.x through 2.9.9. With default typing enabled, an attacker can send a specifically crafted JSON message to the server that allows them to read arbitrary local files.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message.", "title": "Vulnerability summary" }, { "category": "other", "text": "* Red Hat Satellite 6 does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability. \n* Red Hat OpenStack\u0027s OpenDaylight does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12814" }, { "category": "external", "summary": "RHBZ#1725795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12814", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12814" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814" } ], "release_date": "2019-06-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T18:29:48+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3044" }, { "category": "workaround", "details": "This vulnerability relies on jdom (org.jdom) or jdom2 (org.jdom2) being present in the application\u0027s ClassPath. Applications using jackson-databind that do not also use jdom or jdom2 are not impacted by this vulnerability.", "product_ids": [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message." }, { "cve": "CVE-2019-14379", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-07-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1737517" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the ehcache and logback JNDI gadgets when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: default typing mishandling leading to remote code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nSimilarly, Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14379" }, { "category": "external", "summary": "RHBZ#1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14379", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14379" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379" } ], "release_date": "2019-07-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T18:29:48+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3044" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: default typing mishandling leading to remote code execution" }, { "cve": "CVE-2019-14820", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2018-11-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1649870" } ], "notes": [ { "category": "description", "text": "It was found that keycloak exposes internal adapter endpoints in org.keycloak.constants.AdapterConstants, which can be invoked via a specially-crafted URL. This vulnerability could allow an attacker to access unauthorized information.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: adapter endpoints are exposed via arbitrary URLs", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14820" }, { "category": "external", "summary": "RHBZ#1649870", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649870" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14820", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14820" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14820", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14820" } ], "release_date": "2019-10-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T18:29:48+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "keycloak: adapter endpoints are exposed via arbitrary URLs" }, { "cve": "CVE-2019-14832", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "discovery_date": "2019-07-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1749487" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Keycloak REST API where it would permit user access from a realm the user was not configured. An authenticated attacker with knowledge of a user id could use this flaw to access unauthorized information or to carry out further attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: cross-realm user access auth bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14832" }, { "category": "external", "summary": "RHBZ#1749487", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749487" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14832", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14832" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14832", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14832" } ], "release_date": "2019-10-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T18:29:48+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3044" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch", "6Server-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el6sso.src", "6Server-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el6sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: cross-realm user access auth bypass" } ] }
rhsa-2019_2937
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "This release of Red Hat JBoss Enterprise Application Platform 7.2.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files (CVE-2019-10212)\n\n* codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities (CVE-2019-10202)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2019:2937", "url": "https://access.redhat.com/errata/RHSA-2019:2937" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/" }, { "category": "external", "summary": "1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "1713468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468" }, { "category": "external", "summary": "1725795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795" }, { "category": "external", "summary": "1725807", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725807" }, { "category": "external", "summary": "1731271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731271" }, { "category": "external", "summary": "1731984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731984" }, { "category": "external", "summary": "1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "external", "summary": "JBEAP-16455", "url": "https://issues.redhat.com/browse/JBEAP-16455" }, { "category": "external", "summary": "JBEAP-16779", "url": "https://issues.redhat.com/browse/JBEAP-16779" }, { "category": "external", "summary": "JBEAP-17045", "url": "https://issues.redhat.com/browse/JBEAP-17045" }, { "category": "external", "summary": "JBEAP-17062", "url": "https://issues.redhat.com/browse/JBEAP-17062" }, { "category": "external", "summary": "JBEAP-17073", "url": "https://issues.redhat.com/browse/JBEAP-17073" }, { "category": "external", "summary": "JBEAP-17109", "url": "https://issues.redhat.com/browse/JBEAP-17109" }, { "category": "external", "summary": "JBEAP-17112", "url": "https://issues.redhat.com/browse/JBEAP-17112" }, { "category": "external", "summary": "JBEAP-17144", "url": "https://issues.redhat.com/browse/JBEAP-17144" }, { "category": "external", "summary": "JBEAP-17162", "url": "https://issues.redhat.com/browse/JBEAP-17162" }, { "category": "external", "summary": "JBEAP-17178", "url": "https://issues.redhat.com/browse/JBEAP-17178" }, { "category": "external", "summary": "JBEAP-17182", "url": "https://issues.redhat.com/browse/JBEAP-17182" }, { "category": "external", "summary": "JBEAP-17183", "url": "https://issues.redhat.com/browse/JBEAP-17183" }, { "category": "external", "summary": "JBEAP-17223", "url": "https://issues.redhat.com/browse/JBEAP-17223" }, { "category": "external", "summary": "JBEAP-17238", "url": "https://issues.redhat.com/browse/JBEAP-17238" }, { "category": "external", "summary": "JBEAP-17250", "url": "https://issues.redhat.com/browse/JBEAP-17250" }, { "category": "external", "summary": "JBEAP-17271", "url": "https://issues.redhat.com/browse/JBEAP-17271" }, { "category": "external", "summary": "JBEAP-17273", "url": "https://issues.redhat.com/browse/JBEAP-17273" }, { "category": "external", "summary": "JBEAP-17274", "url": "https://issues.redhat.com/browse/JBEAP-17274" }, { "category": "external", "summary": "JBEAP-17276", "url": "https://issues.redhat.com/browse/JBEAP-17276" }, { "category": "external", "summary": "JBEAP-17277", "url": "https://issues.redhat.com/browse/JBEAP-17277" }, { "category": "external", "summary": "JBEAP-17278", "url": "https://issues.redhat.com/browse/JBEAP-17278" }, { "category": "external", "summary": "JBEAP-17294", "url": "https://issues.redhat.com/browse/JBEAP-17294" }, { "category": "external", "summary": "JBEAP-17311", "url": "https://issues.redhat.com/browse/JBEAP-17311" }, { "category": "external", "summary": "JBEAP-17320", "url": "https://issues.redhat.com/browse/JBEAP-17320" }, { "category": "external", "summary": "JBEAP-17321", "url": "https://issues.redhat.com/browse/JBEAP-17321" }, { "category": "external", "summary": "JBEAP-17334", "url": "https://issues.redhat.com/browse/JBEAP-17334" }, { "category": "external", "summary": "JBEAP-17527", "url": "https://issues.redhat.com/browse/JBEAP-17527" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_2937.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.4 on RHEL 8 security update", "tracking": { "current_release_date": "2024-11-15T04:10:37+00:00", "generator": { "date": "2024-11-15T04:10:37+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2019:2937", "initial_release_date": "2019-10-01T07:10:39+00:00", "revision_history": [ { "date": "2019-10-01T07:10:39+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-10-01T07:10:39+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T04:10:37+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss EAP 7.2 for RHEL 8", "product": { "name": "Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product_id": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-20.SP12_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product_id": "eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-20.SP12_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product_id": "eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-api@2.5.5-20.SP12_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product_id": "eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-common@2.5.5-20.SP12_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product_id": "eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-config@2.5.5-20.SP12_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product_id": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-20.SP12_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product_id": "eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-idm-api@2.5.5-20.SP12_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product_id": "eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-idm-impl@2.5.5-20.SP12_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product_id": "eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-idm-simple-schema@2.5.5-20.SP12_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product": { "name": "eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product_id": "eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-impl@2.5.5-20.SP12_redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "product_id": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.9.3-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "product_id": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@2.0.25-1.SP1_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "product": { "name": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "product_id": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-4.SP3_redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate@5.3.11-2.SP1_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.11-2.SP1_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.11-2.SP1_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.11-2.SP1_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.11-2.SP1_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "product": { "name": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "product_id": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-codehaus-jackson@1.9.13-9.redhat_00006.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "product": { "name": "eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "product_id": "eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-codehaus-jackson-core-asl@1.9.13-9.redhat_00006.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "product": { "name": "eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "product_id": "eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-codehaus-jackson-jaxrs@1.9.13-9.redhat_00006.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "product": { "name": "eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "product_id": "eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-codehaus-jackson-mapper-asl@1.9.13-9.redhat_00006.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "product": { "name": "eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "product_id": "eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-codehaus-jackson-xc@1.9.13-9.redhat_00006.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "product_id": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.9-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.0.16-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.17-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.4.17-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.4.17-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.4.17-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.4.17-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.4.17-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.4.17-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.4.17-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.4.17-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan@9.3.7-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@9.3.7-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@9.3.7-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@9.3.7-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-commons@9.3.7-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-core@9.3.7-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons@9.3.7-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi@9.3.7-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53@9.3.7-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "product": { "name": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "product_id": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-netty@4.1.34-2.Final_redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "product": { "name": "eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "product_id": "eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-netty-all@4.1.34-2.Final_redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jaxrs-api_2.1_spec@1.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-logging@3.3.3-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketbox@5.0.3-5.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketbox-infinispan@5.0.3-5.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "product": { "name": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "product_id": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-2.Final_redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "product": { "name": "eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "product_id": "eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core-impl@3.0.6-2.Final_redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "product": { "name": "eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "product_id": "eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core-jsf@3.0.6-2.Final_redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "product": { "name": "eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "product_id": "eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-ejb@3.0.6-2.Final_redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "product": { "name": "eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "product_id": "eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-jta@3.0.6-2.Final_redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "product": { "name": "eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "product_id": "eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-probe-core@3.0.6-2.Final_redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "product": { "name": "eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "product_id": "eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-web@3.0.6-2.Final_redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jgroups@4.0.20-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana@5.9.6-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.9.6-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.9.6-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.9.6-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.9.6-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.9.6-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.9.6-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.9.6-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.9.6-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.9.6-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.9.6-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.3-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product": { "name": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_id": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-1.redhat_00005.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product": { "name": "eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_id": "eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.9.0-1.redhat_00005.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product": { "name": "eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_id": "eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.9.0-1.redhat_00005.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product": { "name": "eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_id": "eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.9.0-1.redhat_00005.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product": { "name": "eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_id": "eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.9.0-1.redhat_00005.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product": { "name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.9.0-1.redhat_00005.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product": { "name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.9.0-1.redhat_00005.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product": { "name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_id": "eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.9.0-1.redhat_00005.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product": { "name": "eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_id": "eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.9.0-1.redhat_00005.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product": { "name": "eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_id": "eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.9.0-1.redhat_00005.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product": { "name": "eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_id": "eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.9.0-1.redhat_00005.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product": { "name": "eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_id": "eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.9.0-1.redhat_00005.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product": { "name": "eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_id": "eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.9.0-1.redhat_00005.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product": { "name": "eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_id": "eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.9.0-1.redhat_00005.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product": { "name": "eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_id": "eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.9.0-1.redhat_00005.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product": { "name": "eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_id": "eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.9.0-1.redhat_00005.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.23-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.6.4-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.4.3-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "product_id": "eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.9.9-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "product_id": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.9-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.9-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.9-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-msc@1.4.8-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.14-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "product_id": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.14-1.SP1_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.6-2.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "product_id": "eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.9.9-2.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "product_id": "eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.9.9-2.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "product": { "name": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "product_id": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.2.4-1.GA_redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "product": { "name": "eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "product_id": "eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.2.4-1.GA_redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "product": { "name": "eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "product_id": "eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.2.4-1.GA_redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "product_id": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.9-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "product_id": "eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.9.9-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "product_id": "eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.9.9-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "product_id": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.9-1.redhat_00001.1.el8eap?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "product": { "name": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "product_id": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-20.SP12_redhat_00007.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "product": { "name": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "product_id": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-20.SP12_redhat_00007.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "product": { "name": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "product_id": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.9.3-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "product": { "name": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "product_id": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@2.0.25-1.SP1_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "product": { "name": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "product_id": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-4.SP3_redhat_00002.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "product": { "name": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "product_id": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate@5.3.11-2.SP1_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "product": { "name": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "product_id": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-codehaus-jackson@1.9.13-9.redhat_00006.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "product": { "name": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "product_id": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.9-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.0.16-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.17-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan@9.3.7-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "product": { "name": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "product_id": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-netty@4.1.34-2.Final_redhat_00002.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jaxrs-api_2.1_spec@1.0.3-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-logging@3.3.3-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "product": { "name": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "product_id": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketbox@5.0.3-5.Final_redhat_00004.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "product": { "name": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "product_id": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-2.Final_redhat_00002.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jgroups@4.0.20-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana@5.9.6-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.3-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "product": { "name": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "product_id": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-1.redhat_00005.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "product": { "name": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "product_id": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-4.Final_redhat_00004.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.23-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.6.4-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.4.3-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "product": { "name": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "product_id": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.9-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.9-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-msc@1.4.8-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.14-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "product": { "name": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "product_id": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.14-1.SP1_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.6-2.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "product": { "name": "eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "product_id": "eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.9.9-2.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "product": { "name": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "product_id": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.2.4-1.GA_redhat_00002.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "product": { "name": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "product_id": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.9-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "product": { "name": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "product_id": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.9-1.redhat_00001.1.el8eap?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch" }, "product_reference": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src" }, "product_reference": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch" }, "product_reference": "eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch" }, "product_reference": "eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch" }, "product_reference": "eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch" }, "product_reference": "eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch" }, "product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch" }, "product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch" }, "product_reference": "eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch" }, "product_reference": "eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch" }, "product_reference": "eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch" }, "product_reference": "eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch" }, "product_reference": "eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch" }, "product_reference": "eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch" }, "product_reference": "eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch" }, "product_reference": "eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch" }, "product_reference": "eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch" }, "product_reference": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src" }, "product_reference": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch" }, "product_reference": "eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch" }, "product_reference": "eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch" }, "product_reference": "eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch" }, "product_reference": "eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src" }, "product_reference": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src" }, "product_reference": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src" }, "product_reference": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src" }, "product_reference": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch" }, "product_reference": "eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src" }, "product_reference": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src" }, "product_reference": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch" }, "product_reference": "eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src" }, "product_reference": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src" }, "product_reference": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8", "product_id": "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.2" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Christian Schl\u00fcter" ], "organization": "Viada" } ], "cve": "CVE-2019-10184", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "discovery_date": "2019-03-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1713068" } ], "notes": [ { "category": "description", "text": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: Information leak in requests for directories without trailing slashes", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10184" }, { "category": "external", "summary": "RHBZ#1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10184", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10184" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184" } ], "release_date": "2019-07-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-01T07:10:39+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2937" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "undertow: Information leak in requests for directories without trailing slashes" }, { "cve": "CVE-2019-10202", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-06-19T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1731271" } ], "notes": [ { "category": "description", "text": "A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7. This CVE fixes CVE-2017-17485, CVE-2017-7525, CVE-2017-15095, CVE-2018-5968, CVE-2018-7489, CVE-2018-1000873, CVE-2019-12086 reported for FasterXML jackson-databind by implementing a whitelist approach that will mitigate these vulnerabilities and future ones alike.", "title": "Vulnerability description" }, { "category": "summary", "text": "codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch" ], "known_not_affected": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10202" }, { "category": "external", "summary": "RHBZ#1731271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731271" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10202", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10202" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10202", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10202" } ], "release_date": "2019-09-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-01T07:10:39+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2937" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities" }, { "cve": "CVE-2019-10212", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2019-07-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1731984" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user\u2019s credentials from the log files.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files", "title": "Vulnerability summary" }, { "category": "other", "text": "All the Red Hat products using the undertow-core jar version 2.0.20 or before are affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10212" }, { "category": "external", "summary": "RHBZ#1731984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731984" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10212", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10212" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10212", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10212" } ], "release_date": "2019-09-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-01T07:10:39+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2937" }, { "category": "workaround", "details": "Use Elytron instead of legacy Security subsystem.", "product_ids": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N", "version": "3.0" }, "products": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files" }, { "cve": "CVE-2019-12086", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-05-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1713468" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12086" }, { "category": "external", "summary": "RHBZ#1713468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12086", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12086" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086" } ], "release_date": "2019-05-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-01T07:10:39+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2937" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server." }, { "cve": "CVE-2019-12384", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-06-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1725807" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in FasterXML jackson-databind in versions prior to 2.9.9. The vulnerability would permit polymorphic deserialization of malicious objects using the logback-core gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. Depending on the classpath content, remote code execution may be possible.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack\u0027s OpenDaylight does not use logback in any supported configuration. Therefore, the prerequisites for this vulnerability are not present and OpenDaylight is not affected.\n\nThis vulnerability relies on logback-core (ch.qos.logback.core) being present in the application\u0027s ClassPath. Logback-core is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use logback-core are not impacted by this vulnerability.\n\nThis issue affects the versions of jackson-databind bundled with candlepin as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12384" }, { "category": "external", "summary": "RHBZ#1725807", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725807" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12384", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12384" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12384", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12384" } ], "release_date": "2019-06-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-01T07:10:39+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2937" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution" }, { "cve": "CVE-2019-12814", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-06-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1725795" } ], "notes": [ { "category": "description", "text": "A new polymorphic typing flaw was discovered in FasterXML jackson-databind, versions 2.x through 2.9.9. With default typing enabled, an attacker can send a specifically crafted JSON message to the server that allows them to read arbitrary local files.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message.", "title": "Vulnerability summary" }, { "category": "other", "text": "* Red Hat Satellite 6 does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability. \n* Red Hat OpenStack\u0027s OpenDaylight does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12814" }, { "category": "external", "summary": "RHBZ#1725795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12814", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12814" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814" } ], "release_date": "2019-06-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-01T07:10:39+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2937" }, { "category": "workaround", "details": "This vulnerability relies on jdom (org.jdom) or jdom2 (org.jdom2) being present in the application\u0027s ClassPath. Applications using jackson-databind that do not also use jdom or jdom2 are not impacted by this vulnerability.", "product_ids": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message." }, { "cve": "CVE-2019-14379", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-07-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1737517" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the ehcache and logback JNDI gadgets when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: default typing mishandling leading to remote code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nSimilarly, Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14379" }, { "category": "external", "summary": "RHBZ#1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14379", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14379" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379" } ], "release_date": "2019-07-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-01T07:10:39+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2937" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap.src", "8Base-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap.src", "8Base-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap.src", "8Base-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: default typing mishandling leading to remote code execution" } ] }
rhsa-2019_2936
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "This release of Red Hat JBoss Enterprise Application Platform 7.2.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files (CVE-2019-10212)\n\n* codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities (CVE-2019-10202)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2019:2936", "url": "https://access.redhat.com/errata/RHSA-2019:2936" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/" }, { "category": "external", "summary": "1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "1713468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468" }, { "category": "external", "summary": "1725795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795" }, { "category": "external", "summary": "1725807", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725807" }, { "category": "external", "summary": "1731271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731271" }, { "category": "external", "summary": "1731984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731984" }, { "category": "external", "summary": "1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "external", "summary": "JBEAP-16455", "url": "https://issues.redhat.com/browse/JBEAP-16455" }, { "category": "external", "summary": "JBEAP-16779", "url": "https://issues.redhat.com/browse/JBEAP-16779" }, { "category": "external", "summary": "JBEAP-17045", "url": "https://issues.redhat.com/browse/JBEAP-17045" }, { "category": "external", "summary": "JBEAP-17062", "url": "https://issues.redhat.com/browse/JBEAP-17062" }, { "category": "external", "summary": "JBEAP-17073", "url": "https://issues.redhat.com/browse/JBEAP-17073" }, { "category": "external", "summary": "JBEAP-17109", "url": "https://issues.redhat.com/browse/JBEAP-17109" }, { "category": "external", "summary": "JBEAP-17112", "url": "https://issues.redhat.com/browse/JBEAP-17112" }, { "category": "external", "summary": "JBEAP-17143", "url": "https://issues.redhat.com/browse/JBEAP-17143" }, { "category": "external", "summary": "JBEAP-17162", "url": "https://issues.redhat.com/browse/JBEAP-17162" }, { "category": "external", "summary": "JBEAP-17178", "url": "https://issues.redhat.com/browse/JBEAP-17178" }, { "category": "external", "summary": "JBEAP-17182", "url": "https://issues.redhat.com/browse/JBEAP-17182" }, { "category": "external", "summary": "JBEAP-17183", "url": "https://issues.redhat.com/browse/JBEAP-17183" }, { "category": "external", "summary": "JBEAP-17223", "url": "https://issues.redhat.com/browse/JBEAP-17223" }, { "category": "external", "summary": "JBEAP-17238", "url": "https://issues.redhat.com/browse/JBEAP-17238" }, { "category": "external", "summary": "JBEAP-17250", "url": "https://issues.redhat.com/browse/JBEAP-17250" }, { "category": "external", "summary": "JBEAP-17271", "url": "https://issues.redhat.com/browse/JBEAP-17271" }, { "category": "external", "summary": "JBEAP-17273", "url": "https://issues.redhat.com/browse/JBEAP-17273" }, { "category": "external", "summary": "JBEAP-17274", "url": "https://issues.redhat.com/browse/JBEAP-17274" }, { "category": "external", "summary": "JBEAP-17276", "url": "https://issues.redhat.com/browse/JBEAP-17276" }, { "category": "external", "summary": "JBEAP-17277", "url": "https://issues.redhat.com/browse/JBEAP-17277" }, { "category": "external", "summary": "JBEAP-17278", "url": "https://issues.redhat.com/browse/JBEAP-17278" }, { "category": "external", "summary": "JBEAP-17294", "url": "https://issues.redhat.com/browse/JBEAP-17294" }, { "category": "external", "summary": "JBEAP-17311", "url": "https://issues.redhat.com/browse/JBEAP-17311" }, { "category": "external", "summary": "JBEAP-17320", "url": "https://issues.redhat.com/browse/JBEAP-17320" }, { "category": "external", "summary": "JBEAP-17321", "url": "https://issues.redhat.com/browse/JBEAP-17321" }, { "category": "external", "summary": "JBEAP-17334", "url": "https://issues.redhat.com/browse/JBEAP-17334" }, { "category": "external", "summary": "JBEAP-17527", "url": "https://issues.redhat.com/browse/JBEAP-17527" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_2936.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.4 on RHEL 7 security update", "tracking": { "current_release_date": "2024-11-15T04:10:30+00:00", "generator": { "date": "2024-11-15T04:10:30+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2019:2936", "initial_release_date": "2019-10-01T07:10:45+00:00", "revision_history": [ { "date": "2019-10-01T07:10:45+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-10-01T07:10:45+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T04:10:30+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product": { "name": "Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product_id": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-20.SP12_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product_id": "eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-20.SP12_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product_id": "eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-api@2.5.5-20.SP12_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product_id": "eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-common@2.5.5-20.SP12_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product_id": "eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-config@2.5.5-20.SP12_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product_id": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-20.SP12_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product_id": "eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-idm-api@2.5.5-20.SP12_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product_id": "eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-idm-impl@2.5.5-20.SP12_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product_id": "eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-idm-simple-schema@2.5.5-20.SP12_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product_id": "eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-impl@2.5.5-20.SP12_redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.9.3-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "product_id": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@2.0.25-1.SP1_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "product_id": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-4.SP3_redhat_00002.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate@5.3.11-2.SP1_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.11-2.SP1_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.11-2.SP1_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.11-2.SP1_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.11-2.SP1_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "product": { "name": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "product_id": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-codehaus-jackson@1.9.13-9.redhat_00006.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "product": { "name": "eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "product_id": "eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-codehaus-jackson-core-asl@1.9.13-9.redhat_00006.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "product": { "name": "eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "product_id": "eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-codehaus-jackson-jaxrs@1.9.13-9.redhat_00006.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "product": { "name": "eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "product_id": "eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-codehaus-jackson-mapper-asl@1.9.13-9.redhat_00006.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "product": { "name": "eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "product_id": "eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-codehaus-jackson-xc@1.9.13-9.redhat_00006.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.0.16-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.9-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan@9.3.7-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@9.3.7-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@9.3.7-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@9.3.7-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-commons@9.3.7-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-core@9.3.7-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons@9.3.7-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi@9.3.7-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53@9.3.7-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.17-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.4.17-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.4.17-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.4.17-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.4.17-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.4.17-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.4.17-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.4.17-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.4.17-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "product_id": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-netty@4.1.34-2.Final_redhat_00002.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "product_id": "eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-netty-all@4.1.34-2.Final_redhat_00002.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-logging@3.3.3-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jaxrs-api_2.1_spec@1.0.3-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketbox@5.0.3-5.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketbox-infinispan@5.0.3-5.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "product_id": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-2.Final_redhat_00002.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "product_id": "eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core-impl@3.0.6-2.Final_redhat_00002.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "product_id": "eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core-jsf@3.0.6-2.Final_redhat_00002.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "product_id": "eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-ejb@3.0.6-2.Final_redhat_00002.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "product_id": "eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-jta@3.0.6-2.Final_redhat_00002.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "product_id": "eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-probe-core@3.0.6-2.Final_redhat_00002.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "product_id": "eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-web@3.0.6-2.Final_redhat_00002.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jgroups@4.0.20-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana@5.9.6-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.9.6-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.9.6-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.9.6-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.9.6-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.9.6-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.9.6-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.9.6-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.9.6-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.9.6-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.9.6-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.3-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product": { "name": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_id": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-1.redhat_00005.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product": { "name": "eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_id": "eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.9.0-1.redhat_00005.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product": { "name": "eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_id": "eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.9.0-1.redhat_00005.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product": { "name": "eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_id": "eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.9.0-1.redhat_00005.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product": { "name": "eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_id": "eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.9.0-1.redhat_00005.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product": { "name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.9.0-1.redhat_00005.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product": { "name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.9.0-1.redhat_00005.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product": { "name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_id": "eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.9.0-1.redhat_00005.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product": { "name": "eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_id": "eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.9.0-1.redhat_00005.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product": { "name": "eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_id": "eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.9.0-1.redhat_00005.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product": { "name": "eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_id": "eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.9.0-1.redhat_00005.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product": { "name": "eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_id": "eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.9.0-1.redhat_00005.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product": { "name": "eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_id": "eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.9.0-1.redhat_00005.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product": { "name": "eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_id": "eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.9.0-1.redhat_00005.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product": { "name": "eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_id": "eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.9.0-1.redhat_00005.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product": { "name": "eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_id": "eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.9.0-1.redhat_00005.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.23-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.6.4-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.4.3-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.9.9-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.9-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.9-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.9-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-msc@1.4.8-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.14-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.14-1.SP1_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.6-2.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "product_id": "eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.9.9-2.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "product_id": "eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.9.9-2.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "product_id": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.2.4-1.GA_redhat_00002.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "product_id": "eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.2.4-1.GA_redhat_00002.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "product_id": "eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.2.4-1.GA_redhat_00002.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "product_id": "eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.2.4-1.GA_redhat_00002.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "product_id": "eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.2.4-1.GA_redhat_00002.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.9-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.9.9-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.9.9-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.9-1.redhat_00001.1.el7eap?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "product": { "name": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "product_id": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-20.SP12_redhat_00007.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "product": { "name": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "product_id": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-20.SP12_redhat_00007.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "product": { "name": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "product_id": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.9.3-1.redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "product": { "name": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "product_id": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@2.0.25-1.SP1_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "product": { "name": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "product_id": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-4.SP3_redhat_00002.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "product": { "name": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "product_id": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate@5.3.11-2.SP1_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "product": { "name": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "product_id": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-codehaus-jackson@1.9.13-9.redhat_00006.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.0.16-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "product": { "name": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "product_id": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.9-1.redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan@9.3.7-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.17-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "product": { "name": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "product_id": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-netty@4.1.34-2.Final_redhat_00002.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-logging@3.3.3-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jaxrs-api_2.1_spec@1.0.3-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "product": { "name": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "product_id": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketbox@5.0.3-5.Final_redhat_00004.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "product": { "name": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "product_id": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-2.Final_redhat_00002.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jgroups@4.0.20-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana@5.9.6-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.3-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "product": { "name": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "product_id": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-1.redhat_00005.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "product": { "name": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "product_id": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-4.Final_redhat_00004.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.23-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.6.4-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.4.3-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "product": { "name": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "product_id": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.9-1.redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.9-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-msc@1.4.8-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.14-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "product": { "name": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "product_id": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.14-1.SP1_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.6-2.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "product": { "name": "eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "product_id": "eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.9.9-2.redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "product": { "name": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "product_id": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.2.4-1.GA_redhat_00002.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "product": { "name": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "product_id": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.9-1.redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "product": { "name": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "product_id": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.9-1.redhat_00001.1.el7eap?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch" }, "product_reference": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src" }, "product_reference": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch" }, "product_reference": "eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch" }, "product_reference": "eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch" }, "product_reference": "eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch" }, "product_reference": "eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch" }, "product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch" }, "product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch" }, "product_reference": "eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch" }, "product_reference": "eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch" }, "product_reference": "eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch" }, "product_reference": "eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch" }, "product_reference": "eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch" }, "product_reference": "eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch" }, "product_reference": "eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch" }, "product_reference": "eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch" }, "product_reference": "eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch" }, "product_reference": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src" }, "product_reference": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch" }, "product_reference": "eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch" }, "product_reference": "eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch" }, "product_reference": "eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch" }, "product_reference": "eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src" }, "product_reference": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src" }, "product_reference": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src" }, "product_reference": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src" }, "product_reference": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch" }, "product_reference": "eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src" }, "product_reference": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src" }, "product_reference": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src" }, "product_reference": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src" }, "product_reference": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.2" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Christian Schl\u00fcter" ], "organization": "Viada" } ], "cve": "CVE-2019-10184", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "discovery_date": "2019-03-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1713068" } ], "notes": [ { "category": "description", "text": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: Information leak in requests for directories without trailing slashes", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10184" }, { "category": "external", "summary": "RHBZ#1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10184", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10184" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184" } ], "release_date": "2019-07-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-01T07:10:45+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2936" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "undertow: Information leak in requests for directories without trailing slashes" }, { "cve": "CVE-2019-10202", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-06-19T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1731271" } ], "notes": [ { "category": "description", "text": "A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7. This CVE fixes CVE-2017-17485, CVE-2017-7525, CVE-2017-15095, CVE-2018-5968, CVE-2018-7489, CVE-2018-1000873, CVE-2019-12086 reported for FasterXML jackson-databind by implementing a whitelist approach that will mitigate these vulnerabilities and future ones alike.", "title": "Vulnerability description" }, { "category": "summary", "text": "codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch" ], "known_not_affected": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10202" }, { "category": "external", "summary": "RHBZ#1731271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731271" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10202", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10202" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10202", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10202" } ], "release_date": "2019-09-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-01T07:10:45+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2936" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities" }, { "cve": "CVE-2019-10212", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2019-07-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1731984" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user\u2019s credentials from the log files.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files", "title": "Vulnerability summary" }, { "category": "other", "text": "All the Red Hat products using the undertow-core jar version 2.0.20 or before are affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10212" }, { "category": "external", "summary": "RHBZ#1731984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731984" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10212", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10212" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10212", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10212" } ], "release_date": "2019-09-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-01T07:10:45+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2936" }, { "category": "workaround", "details": "Use Elytron instead of legacy Security subsystem.", "product_ids": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files" }, { "cve": "CVE-2019-12086", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-05-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1713468" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12086" }, { "category": "external", "summary": "RHBZ#1713468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12086", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12086" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086" } ], "release_date": "2019-05-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-01T07:10:45+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2936" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server." }, { "cve": "CVE-2019-12384", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-06-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1725807" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in FasterXML jackson-databind in versions prior to 2.9.9. The vulnerability would permit polymorphic deserialization of malicious objects using the logback-core gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. Depending on the classpath content, remote code execution may be possible.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack\u0027s OpenDaylight does not use logback in any supported configuration. Therefore, the prerequisites for this vulnerability are not present and OpenDaylight is not affected.\n\nThis vulnerability relies on logback-core (ch.qos.logback.core) being present in the application\u0027s ClassPath. Logback-core is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use logback-core are not impacted by this vulnerability.\n\nThis issue affects the versions of jackson-databind bundled with candlepin as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12384" }, { "category": "external", "summary": "RHBZ#1725807", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725807" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12384", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12384" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12384", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12384" } ], "release_date": "2019-06-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-01T07:10:45+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2936" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution" }, { "cve": "CVE-2019-12814", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-06-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1725795" } ], "notes": [ { "category": "description", "text": "A new polymorphic typing flaw was discovered in FasterXML jackson-databind, versions 2.x through 2.9.9. With default typing enabled, an attacker can send a specifically crafted JSON message to the server that allows them to read arbitrary local files.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message.", "title": "Vulnerability summary" }, { "category": "other", "text": "* Red Hat Satellite 6 does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability. \n* Red Hat OpenStack\u0027s OpenDaylight does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12814" }, { "category": "external", "summary": "RHBZ#1725795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12814", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12814" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814" } ], "release_date": "2019-06-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-01T07:10:45+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2936" }, { "category": "workaround", "details": "This vulnerability relies on jdom (org.jdom) or jdom2 (org.jdom2) being present in the application\u0027s ClassPath. Applications using jackson-databind that do not also use jdom or jdom2 are not impacted by this vulnerability.", "product_ids": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message." }, { "cve": "CVE-2019-14379", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-07-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1737517" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the ehcache and logback JNDI gadgets when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: default typing mishandling leading to remote code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nSimilarly, Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14379" }, { "category": "external", "summary": "RHBZ#1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14379", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14379" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379" } ], "release_date": "2019-07-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-01T07:10:45+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2936" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap.src", "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap.src", "7Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap.src", "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: default typing mishandling leading to remote code execution" } ] }
rhsa-2019_3046
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "New Red Hat Single Sign-On 7.3.4 packages are now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.4 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.3.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: cross-realm user access auth bypass (CVE-2019-14832)\n\n* keycloak: adapter endpoints are exposed via arbitrary URLs (CVE-2019-14820)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2019:3046", "url": "https://access.redhat.com/errata/RHSA-2019:3046" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/", "url": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/" }, { "category": "external", "summary": "1649870", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649870" }, { "category": "external", "summary": "1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "1713468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468" }, { "category": "external", "summary": "1725795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795" }, { "category": "external", "summary": "1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "external", "summary": "1749487", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749487" }, { "category": "external", "summary": "KEYCLOAK-11456", "url": "https://issues.redhat.com/browse/KEYCLOAK-11456" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3046.json" } ], "title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.4 security update on RHEL 8", "tracking": { "current_release_date": "2024-11-15T04:10:29+00:00", "generator": { "date": "2024-11-15T04:10:29+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2019:3046", "initial_release_date": "2019-10-14T19:01:57+00:00", "revision_history": [ { "date": "2019-10-14T19:01:57+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-10-14T19:01:57+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T04:10:29+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Single Sign-On 7.3 for RHEL 8", "product": { "name": "Red Hat Single Sign-On 7.3 for RHEL 8", "product_id": "8Base-RHSSO-7.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7::el8" } } } ], "category": "product_family", "name": "Red Hat Single Sign-On" }, { "branches": [ { "category": "product_version", "name": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "product": { "name": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "product_id": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-keycloak@4.8.13-1.Final_redhat_00001.1.el8sso?arch=noarch" } } }, { "category": "product_version", "name": "rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "product": { "name": "rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "product_id": "rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-keycloak-server@4.8.13-1.Final_redhat_00001.1.el8sso?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "product": { "name": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "product_id": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-sso7-keycloak@4.8.13-1.Final_redhat_00001.1.el8sso?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 8", "product_id": "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" }, "product_reference": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "relates_to_product_reference": "8Base-RHSSO-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src as a component of Red Hat Single Sign-On 7.3 for RHEL 8", "product_id": "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src" }, "product_reference": "rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "relates_to_product_reference": "8Base-RHSSO-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch as a component of Red Hat Single Sign-On 7.3 for RHEL 8", "product_id": "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" }, "product_reference": "rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "relates_to_product_reference": "8Base-RHSSO-7.3" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Christian Schl\u00fcter" ], "organization": "Viada" } ], "cve": "CVE-2019-10184", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "discovery_date": "2019-03-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1713068" } ], "notes": [ { "category": "description", "text": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: Information leak in requests for directories without trailing slashes", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10184" }, { "category": "external", "summary": "RHBZ#1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10184", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10184" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184" } ], "release_date": "2019-07-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T19:01:57+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3046" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "undertow: Information leak in requests for directories without trailing slashes" }, { "cve": "CVE-2019-12086", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-05-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1713468" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12086" }, { "category": "external", "summary": "RHBZ#1713468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12086", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12086" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086" } ], "release_date": "2019-05-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T19:01:57+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3046" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server." }, { "cve": "CVE-2019-12814", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-06-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1725795" } ], "notes": [ { "category": "description", "text": "A new polymorphic typing flaw was discovered in FasterXML jackson-databind, versions 2.x through 2.9.9. With default typing enabled, an attacker can send a specifically crafted JSON message to the server that allows them to read arbitrary local files.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message.", "title": "Vulnerability summary" }, { "category": "other", "text": "* Red Hat Satellite 6 does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability. \n* Red Hat OpenStack\u0027s OpenDaylight does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12814" }, { "category": "external", "summary": "RHBZ#1725795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12814", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12814" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814" } ], "release_date": "2019-06-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T19:01:57+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3046" }, { "category": "workaround", "details": "This vulnerability relies on jdom (org.jdom) or jdom2 (org.jdom2) being present in the application\u0027s ClassPath. Applications using jackson-databind that do not also use jdom or jdom2 are not impacted by this vulnerability.", "product_ids": [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message." }, { "cve": "CVE-2019-14379", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-07-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1737517" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the ehcache and logback JNDI gadgets when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: default typing mishandling leading to remote code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nSimilarly, Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14379" }, { "category": "external", "summary": "RHBZ#1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14379", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14379" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379" } ], "release_date": "2019-07-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T19:01:57+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3046" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: default typing mishandling leading to remote code execution" }, { "cve": "CVE-2019-14820", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2018-11-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1649870" } ], "notes": [ { "category": "description", "text": "It was found that keycloak exposes internal adapter endpoints in org.keycloak.constants.AdapterConstants, which can be invoked via a specially-crafted URL. This vulnerability could allow an attacker to access unauthorized information.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: adapter endpoints are exposed via arbitrary URLs", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14820" }, { "category": "external", "summary": "RHBZ#1649870", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649870" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14820", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14820" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14820", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14820" } ], "release_date": "2019-10-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T19:01:57+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3046" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "keycloak: adapter endpoints are exposed via arbitrary URLs" }, { "cve": "CVE-2019-14832", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "discovery_date": "2019-07-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1749487" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Keycloak REST API where it would permit user access from a realm the user was not configured. An authenticated attacker with knowledge of a user id could use this flaw to access unauthorized information or to carry out further attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak: cross-realm user access auth bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14832" }, { "category": "external", "summary": "RHBZ#1749487", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749487" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14832", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14832" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14832", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14832" } ], "release_date": "2019-10-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-14T19:01:57+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:3046" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch", "8Base-RHSSO-7.3:rh-sso7-keycloak-0:4.8.13-1.Final_redhat_00001.1.el8sso.src", "8Base-RHSSO-7.3:rh-sso7-keycloak-server-0:4.8.13-1.Final_redhat_00001.1.el8sso.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "keycloak: cross-realm user access auth bypass" } ] }
rhsa-2019_2935
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "This release of Red Hat JBoss Enterprise Application Platform 7.2.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)\n\n* undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files (CVE-2019-10212)\n\n* codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities (CVE-2019-10202)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2019:2935", "url": "https://access.redhat.com/errata/RHSA-2019:2935" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/" }, { "category": "external", "summary": "1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "1713468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468" }, { "category": "external", "summary": "1725795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795" }, { "category": "external", "summary": "1725807", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725807" }, { "category": "external", "summary": "1731271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731271" }, { "category": "external", "summary": "1731984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731984" }, { "category": "external", "summary": "1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "external", "summary": "JBEAP-16455", "url": "https://issues.redhat.com/browse/JBEAP-16455" }, { "category": "external", "summary": "JBEAP-16779", "url": "https://issues.redhat.com/browse/JBEAP-16779" }, { "category": "external", "summary": "JBEAP-17045", "url": "https://issues.redhat.com/browse/JBEAP-17045" }, { "category": "external", "summary": "JBEAP-17062", "url": "https://issues.redhat.com/browse/JBEAP-17062" }, { "category": "external", "summary": "JBEAP-17073", "url": "https://issues.redhat.com/browse/JBEAP-17073" }, { "category": "external", "summary": "JBEAP-17109", "url": "https://issues.redhat.com/browse/JBEAP-17109" }, { "category": "external", "summary": "JBEAP-17112", "url": "https://issues.redhat.com/browse/JBEAP-17112" }, { "category": "external", "summary": "JBEAP-17142", "url": "https://issues.redhat.com/browse/JBEAP-17142" }, { "category": "external", "summary": "JBEAP-17162", "url": "https://issues.redhat.com/browse/JBEAP-17162" }, { "category": "external", "summary": "JBEAP-17178", "url": "https://issues.redhat.com/browse/JBEAP-17178" }, { "category": "external", "summary": "JBEAP-17182", "url": "https://issues.redhat.com/browse/JBEAP-17182" }, { "category": "external", "summary": "JBEAP-17183", "url": "https://issues.redhat.com/browse/JBEAP-17183" }, { "category": "external", "summary": "JBEAP-17223", "url": "https://issues.redhat.com/browse/JBEAP-17223" }, { "category": "external", "summary": "JBEAP-17238", "url": "https://issues.redhat.com/browse/JBEAP-17238" }, { "category": "external", "summary": "JBEAP-17250", "url": "https://issues.redhat.com/browse/JBEAP-17250" }, { "category": "external", "summary": "JBEAP-17271", "url": "https://issues.redhat.com/browse/JBEAP-17271" }, { "category": "external", "summary": "JBEAP-17273", "url": "https://issues.redhat.com/browse/JBEAP-17273" }, { "category": "external", "summary": "JBEAP-17274", "url": "https://issues.redhat.com/browse/JBEAP-17274" }, { "category": "external", "summary": "JBEAP-17276", "url": "https://issues.redhat.com/browse/JBEAP-17276" }, { "category": "external", "summary": "JBEAP-17277", "url": "https://issues.redhat.com/browse/JBEAP-17277" }, { "category": "external", "summary": "JBEAP-17278", "url": "https://issues.redhat.com/browse/JBEAP-17278" }, { "category": "external", "summary": "JBEAP-17294", "url": "https://issues.redhat.com/browse/JBEAP-17294" }, { "category": "external", "summary": "JBEAP-17311", "url": "https://issues.redhat.com/browse/JBEAP-17311" }, { "category": "external", "summary": "JBEAP-17320", "url": "https://issues.redhat.com/browse/JBEAP-17320" }, { "category": "external", "summary": "JBEAP-17321", "url": "https://issues.redhat.com/browse/JBEAP-17321" }, { "category": "external", "summary": "JBEAP-17334", "url": "https://issues.redhat.com/browse/JBEAP-17334" }, { "category": "external", "summary": "JBEAP-17527", "url": "https://issues.redhat.com/browse/JBEAP-17527" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_2935.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.4 on RHEL 6 Security update", "tracking": { "current_release_date": "2024-11-15T04:10:23+00:00", "generator": { "date": "2024-11-15T04:10:23+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2019:2935", "initial_release_date": "2019-10-01T07:10:26+00:00", "revision_history": [ { "date": "2019-10-01T07:10:26+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-10-01T07:10:26+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T04:10:23+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product": { "name": "Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product_id": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-20.SP12_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product_id": "eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-20.SP12_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product_id": "eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-api@2.5.5-20.SP12_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product_id": "eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-common@2.5.5-20.SP12_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product_id": "eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-config@2.5.5-20.SP12_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product_id": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-20.SP12_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product_id": "eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-idm-api@2.5.5-20.SP12_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product_id": "eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-idm-impl@2.5.5-20.SP12_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product_id": "eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-idm-simple-schema@2.5.5-20.SP12_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product": { "name": "eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product_id": "eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-impl@2.5.5-20.SP12_redhat_00007.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "product_id": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.9.3-1.redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "product_id": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@2.0.25-1.SP1_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "product": { "name": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "product_id": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-4.SP3_redhat_00002.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "product_id": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate@5.3.11-2.SP1_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "product_id": "eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.11-2.SP1_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "product_id": "eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.11-2.SP1_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "product_id": "eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.11-2.SP1_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "product_id": "eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.11-2.SP1_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "product": { "name": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "product_id": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-codehaus-jackson@1.9.13-9.redhat_00006.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "product": { "name": "eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "product_id": "eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-codehaus-jackson-core-asl@1.9.13-9.redhat_00006.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "product": { "name": "eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "product_id": "eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-codehaus-jackson-jaxrs@1.9.13-9.redhat_00006.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "product": { "name": "eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "product_id": "eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-codehaus-jackson-mapper-asl@1.9.13-9.redhat_00006.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "product": { "name": "eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "product_id": "eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-codehaus-jackson-xc@1.9.13-9.redhat_00006.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.0.16-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "product_id": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.9-1.redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.17-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.4.17-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.4.17-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.4.17-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.4.17-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.4.17-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.4.17-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.4.17-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.4.17-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan@9.3.7-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@9.3.7-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@9.3.7-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@9.3.7-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-commons@9.3.7-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-core@9.3.7-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons@9.3.7-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi@9.3.7-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53@9.3.7-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "product": { "name": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "product_id": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-netty@4.1.34-2.Final_redhat_00002.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "product": { "name": "eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "product_id": "eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-netty-all@4.1.34-2.Final_redhat_00002.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-logging@3.3.3-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jaxrs-api_2.1_spec@1.0.3-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketbox@5.0.3-5.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketbox-infinispan@5.0.3-5.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "product": { "name": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "product_id": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-2.Final_redhat_00002.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "product": { "name": "eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "product_id": "eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core-impl@3.0.6-2.Final_redhat_00002.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "product": { "name": "eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "product_id": "eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core-jsf@3.0.6-2.Final_redhat_00002.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "product": { "name": "eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "product_id": "eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-ejb@3.0.6-2.Final_redhat_00002.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "product": { "name": "eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "product_id": "eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-jta@3.0.6-2.Final_redhat_00002.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "product": { "name": "eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "product_id": "eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-probe-core@3.0.6-2.Final_redhat_00002.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "product": { "name": "eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "product_id": "eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-web@3.0.6-2.Final_redhat_00002.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jgroups@4.0.20-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana@5.9.6-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.9.6-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.9.6-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.9.6-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.9.6-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.9.6-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.9.6-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.9.6-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.9.6-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.9.6-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.9.6-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.3-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product": { "name": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_id": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-1.redhat_00005.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product": { "name": "eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_id": "eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.9.0-1.redhat_00005.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product": { "name": "eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_id": "eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.9.0-1.redhat_00005.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product": { "name": "eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_id": "eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.9.0-1.redhat_00005.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product": { "name": "eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_id": "eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.9.0-1.redhat_00005.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product": { "name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.9.0-1.redhat_00005.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product": { "name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.9.0-1.redhat_00005.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product": { "name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_id": "eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.9.0-1.redhat_00005.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product": { "name": "eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_id": "eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.9.0-1.redhat_00005.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product": { "name": "eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_id": "eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.9.0-1.redhat_00005.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product": { "name": "eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_id": "eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.9.0-1.redhat_00005.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product": { "name": "eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_id": "eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.9.0-1.redhat_00005.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product": { "name": "eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_id": "eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.9.0-1.redhat_00005.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product": { "name": "eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_id": "eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.9.0-1.redhat_00005.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product": { "name": "eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_id": "eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.9.0-1.redhat_00005.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product": { "name": "eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_id": "eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.9.0-1.redhat_00005.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0-to-eap7.2@1.3.1-4.Final_redhat_00004.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.23-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.6.4-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.4.3-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "product_id": "eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.9.9-1.redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "product_id": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.9-1.redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.9-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.9-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-msc@1.4.8-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.14-1.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "product_id": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.14-1.SP1_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "product_id": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.6-2.Final_redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "product_id": "eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.9.9-2.redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "product_id": "eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.9.9-2.redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "product": { "name": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "product_id": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.2.4-1.GA_redhat_00002.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "product": { "name": "eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "product_id": "eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.2.4-1.GA_redhat_00002.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "product": { "name": "eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "product_id": "eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.2.4-1.GA_redhat_00002.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "product_id": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.9-1.redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "product_id": "eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.9.9-1.redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "product_id": "eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.9.9-1.redhat_00001.1.el6eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "product": { "name": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "product_id": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.9-1.redhat_00001.1.el6eap?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "product": { "name": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "product_id": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-20.SP12_redhat_00007.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "product": { "name": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "product_id": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-20.SP12_redhat_00007.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "product": { "name": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "product_id": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.9.3-1.redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "product": { "name": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "product_id": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@2.0.25-1.SP1_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "product": { "name": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "product_id": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-4.SP3_redhat_00002.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "product": { "name": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "product_id": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate@5.3.11-2.SP1_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "product": { "name": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "product_id": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-codehaus-jackson@1.9.13-9.redhat_00006.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.0.16-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "product": { "name": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "product_id": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.9-1.redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.17-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan@9.3.7-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "product": { "name": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "product_id": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-netty@4.1.34-2.Final_redhat_00002.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-logging@3.3.3-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-jaxrs-api_2.1_spec@1.0.3-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "product": { "name": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "product_id": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketbox@5.0.3-5.Final_redhat_00004.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "product": { "name": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "product_id": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-2.Final_redhat_00002.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jgroups@4.0.20-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana@5.9.6-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.3-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "product": { "name": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "product_id": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-1.redhat_00005.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "product": { "name": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "product_id": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-4.Final_redhat_00004.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.23-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.6.4-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.4.3-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "product": { "name": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "product_id": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.9-1.redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.9-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-msc@1.4.8-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.14-1.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "product": { "name": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "product_id": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.14-1.SP1_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src", "product": { "name": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src", "product_id": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.6-2.Final_redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "product": { "name": "eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "product_id": "eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.9.9-2.redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "product": { "name": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "product_id": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.2.4-1.GA_redhat_00002.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "product": { "name": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "product_id": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.9-1.redhat_00001.1.el6eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "product": { "name": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "product_id": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.9-1.redhat_00001.1.el6eap?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch" }, "product_reference": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src" }, "product_reference": "eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch" }, "product_reference": "eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch" }, "product_reference": "eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch" }, "product_reference": "eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch" }, "product_reference": "eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch" }, "product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch" }, "product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch" }, "product_reference": "eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch" }, "product_reference": "eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch" }, "product_reference": "eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch" }, "product_reference": "eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch" }, "product_reference": "eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch" }, "product_reference": "eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch" }, "product_reference": "eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch" }, "product_reference": "eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch" }, "product_reference": "eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch" }, "product_reference": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src" }, "product_reference": "eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch" }, "product_reference": "eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch" }, "product_reference": "eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch" }, "product_reference": "eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch" }, "product_reference": "eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch" }, "product_reference": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src" }, "product_reference": "eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src" }, "product_reference": "eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src" }, "product_reference": "eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src" }, "product_reference": "eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src" }, "product_reference": "eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src" }, "product_reference": "eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src" }, "product_reference": "eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src" }, "product_reference": "eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch" }, "product_reference": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src" }, "product_reference": "eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch" }, "product_reference": "eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src" }, "product_reference": "eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch" }, "product_reference": "eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src" }, "product_reference": "eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src" }, "product_reference": "eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch" }, "product_reference": "eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch" }, "product_reference": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src" }, "product_reference": "eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch" }, "product_reference": "eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch" }, "product_reference": "eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch" }, "product_reference": "eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch" }, "product_reference": "eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch" }, "product_reference": "eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch" }, "product_reference": "eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch" }, "product_reference": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src" }, "product_reference": "eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch" }, "product_reference": "eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch" }, "product_reference": "eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch" }, "product_reference": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "relates_to_product_reference": "6Server-JBEAP-7.2" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" }, "product_reference": "eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src", "relates_to_product_reference": "6Server-JBEAP-7.2" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Christian Schl\u00fcter" ], "organization": "Viada" } ], "cve": "CVE-2019-10184", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "discovery_date": "2019-03-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1713068" } ], "notes": [ { "category": "description", "text": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: Information leak in requests for directories without trailing slashes", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10184" }, { "category": "external", "summary": "RHBZ#1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10184", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10184" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184" } ], "release_date": "2019-07-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-01T07:10:26+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2935" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "undertow: Information leak in requests for directories without trailing slashes" }, { "cve": "CVE-2019-10202", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-06-19T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1731271" } ], "notes": [ { "category": "description", "text": "A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7. This CVE fixes CVE-2017-17485, CVE-2017-7525, CVE-2017-15095, CVE-2018-5968, CVE-2018-7489, CVE-2018-1000873, CVE-2019-12086 reported for FasterXML jackson-databind by implementing a whitelist approach that will mitigate these vulnerabilities and future ones alike.", "title": "Vulnerability description" }, { "category": "summary", "text": "codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch" ], "known_not_affected": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10202" }, { "category": "external", "summary": "RHBZ#1731271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731271" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10202", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10202" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10202", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10202" } ], "release_date": "2019-09-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-01T07:10:26+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2935" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities" }, { "cve": "CVE-2019-10212", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2019-07-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1731984" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user\u2019s credentials from the log files.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files", "title": "Vulnerability summary" }, { "category": "other", "text": "All the Red Hat products using the undertow-core jar version 2.0.20 or before are affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10212" }, { "category": "external", "summary": "RHBZ#1731984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731984" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10212", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10212" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10212", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10212" } ], "release_date": "2019-09-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-01T07:10:26+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2935" }, { "category": "workaround", "details": "Use Elytron instead of legacy Security subsystem.", "product_ids": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: DEBUG log for io.undertow.request.security if enabled leaks credentials to log files" }, { "cve": "CVE-2019-12086", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-05-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1713468" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12086" }, { "category": "external", "summary": "RHBZ#1713468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12086", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12086" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086" } ], "release_date": "2019-05-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-01T07:10:26+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2935" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server." }, { "cve": "CVE-2019-12384", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-06-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1725807" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in FasterXML jackson-databind in versions prior to 2.9.9. The vulnerability would permit polymorphic deserialization of malicious objects using the logback-core gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. Depending on the classpath content, remote code execution may be possible.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack\u0027s OpenDaylight does not use logback in any supported configuration. Therefore, the prerequisites for this vulnerability are not present and OpenDaylight is not affected.\n\nThis vulnerability relies on logback-core (ch.qos.logback.core) being present in the application\u0027s ClassPath. Logback-core is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use logback-core are not impacted by this vulnerability.\n\nThis issue affects the versions of jackson-databind bundled with candlepin as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12384" }, { "category": "external", "summary": "RHBZ#1725807", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725807" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12384", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12384" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12384", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12384" } ], "release_date": "2019-06-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-01T07:10:26+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2935" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution" }, { "cve": "CVE-2019-12814", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-06-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1725795" } ], "notes": [ { "category": "description", "text": "A new polymorphic typing flaw was discovered in FasterXML jackson-databind, versions 2.x through 2.9.9. With default typing enabled, an attacker can send a specifically crafted JSON message to the server that allows them to read arbitrary local files.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message.", "title": "Vulnerability summary" }, { "category": "other", "text": "* Red Hat Satellite 6 does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability. \n* Red Hat OpenStack\u0027s OpenDaylight does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12814" }, { "category": "external", "summary": "RHBZ#1725795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12814", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12814" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814" } ], "release_date": "2019-06-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-01T07:10:26+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2935" }, { "category": "workaround", "details": "This vulnerability relies on jdom (org.jdom) or jdom2 (org.jdom2) being present in the application\u0027s ClassPath. Applications using jackson-databind that do not also use jdom or jdom2 are not impacted by this vulnerability.", "product_ids": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message." }, { "cve": "CVE-2019-14379", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-07-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1737517" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the ehcache and logback JNDI gadgets when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: default typing mishandling leading to remote code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nSimilarly, Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14379" }, { "category": "external", "summary": "RHBZ#1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14379", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14379" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379" } ], "release_date": "2019-07-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-10-01T07:10:26+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2935" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap.src", "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.9.0-1.redhat_00005.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap.src", "6Server-JBEAP-7.2:eap7-codehaus-jackson-core-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-jaxrs-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-mapper-asl-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-codehaus-jackson-xc-0:1.9.13-9.redhat_00006.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.11-2.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.7-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.17-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.9-2.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-marshalling-river-0:2.0.9-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-4.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.6-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.34-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketbox-infinispan-0:5.0.3-5.Final_redhat_00004.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap.src", "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00007.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-2.Final_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap.src", "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.4-1.GA_redhat_00002.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.noarch", "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: default typing mishandling leading to remote code execution" } ] }
rhsa-2020_0983
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A minor version update (from 7.5 to 7.6) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n[2020-04-17 update: descriptions for mutiple components fixed for the same CVE added; also added golang CVE descriptions that were unintentionally ommitted from the original publication]", "title": "Topic" }, { "category": "general", "text": "This release of Red Hat Fuse 7.6.0 serves as a replacement for Red Hat Fuse 7.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* undertow: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* golang: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* undertow: HTTP/2: flood using PRIORITY frames results in excessive resource consumption (CVE-2019-9513)\n\n* undertow: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* golang: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* undertow: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\n* undertow: HTTP/2: 0-length headers lead to denial of service (CVE-2019-9516)\n\n* undertow: HTTP/2: request for large response leads to denial of service (CVE-2019-9517)\n\n* undertow: HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518)\n\n* infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private methods (CVE-2019-10174)\n\n* spring-security-core: mishandling of user passwords allows logging in with a password of NULL (CVE-2019-11272)\n\n* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* xmlrpc: Deserialization of server-side exception from faultCause in XMLRPC error response (CVE-2019-17570)\n\n* js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* logback: Serialization vulnerability in SocketServer and ServerSocketReceiver (CVE-2017-5929)\n\n* js-jquery: XSS in responses from cross-origin ajax requests (CVE-2017-16012)\n\n* apache-commons-compress: ZipArchiveInputStream.read() fails to identify correct EOF allowing for DoS via crafted zip (CVE-2018-11771)\n\n* spring-data-api: potential information disclosure through maliciously crafted example value in ExampleMatcher (CVE-2019-3802)\n\n* undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed (CVE-2019-3888)\n\n* shiro: Cookie padding oracle vulnerability with default configuration (CVE-2019-12422)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message. (CVE-2019-12814)\n\n* jackson-databind: Polymorphic typing issue related to logback/JNDI (CVE-2019-14439)\n\n* springframework: DoS Attack via Range Requests (CVE-2018-15756)\n\n* c3p0: loading XML configuration leads to denial of service (CVE-2019-5427)\n\n* undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:0983", "url": "https://access.redhat.com/errata/RHSA-2020:0983" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.fuse\u0026version=7.6.0", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.fuse\u0026version=7.6.0" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/" }, { "category": "external", "summary": "1399546", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546" }, { "category": "external", "summary": "1432858", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1432858" }, { "category": "external", "summary": "1591854", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591854" }, { "category": "external", "summary": "1618573", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618573" }, { "category": "external", "summary": "1643043", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1643043" }, { "category": "external", "summary": "1693777", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693777" }, { "category": "external", "summary": "1703469", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1703469" }, { "category": "external", "summary": "1709860", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1709860" }, { "category": "external", "summary": "1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "1725795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795" }, { "category": "external", "summary": "1725807", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725807" }, { "category": "external", "summary": "1728993", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728993" }, { "category": "external", "summary": "1730316", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730316" }, { "category": "external", "summary": "1735645", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735645" }, { "category": "external", "summary": "1735741", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735741" }, { "category": "external", "summary": "1735744", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735744" }, { "category": "external", "summary": "1735745", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735745" }, { "category": "external", "summary": "1735749", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735749" }, { "category": "external", "summary": "1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "external", "summary": "1741864", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741864" }, { "category": "external", "summary": "1741868", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741868" }, { "category": "external", "summary": "1752962", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752962" }, { "category": "external", "summary": "1774726", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774726" }, { "category": "external", "summary": "1775193", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775193" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0983.json" } ], "title": "Red Hat Security Advisory: Red Hat Fuse 7.6.0 security update", "tracking": { "current_release_date": "2024-11-22T11:47:32+00:00", "generator": { "date": "2024-11-22T11:47:32+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:0983", "initial_release_date": "2020-03-26T15:46:59+00:00", "revision_history": [ { "date": "2020-03-26T15:46:59+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-04-20T07:19:13+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T11:47:32+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Fuse 7.6.0", "product": { "name": "Red Hat Fuse 7.6.0", "product_id": "Red Hat Fuse 7.6.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_fuse:7" } } } ], "category": "product_family", "name": "Red Hat JBoss Fuse" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-9251", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2016-11-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1399546" } ], "notes": [ { "category": "description", "text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting via cross-domain ajax requests", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-9251" }, { "category": "external", "summary": "RHBZ#1399546", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251", "url": "https://www.cve.org/CVERecord?id=CVE-2015-9251" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251" } ], "release_date": "2015-06-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery: Cross-site scripting via cross-domain ajax requests" }, { "cve": "CVE-2017-5929", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-03-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1432858" } ], "notes": [ { "category": "description", "text": "It was found that logback is vulnerable to a deserialization issue. Logback can be configured to allow remote logging through SocketServer/ServerSocketReceiver interfaces that can accept untrusted serialized data. Authenticated attackers on the adjacent network can leverage this vulnerability to execute arbitrary code through deserialization of custom gadget chains.", "title": "Vulnerability description" }, { "category": "summary", "text": "logback: Serialization vulnerability in SocketServer and ServerSocketReceiver", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-5929" }, { "category": "external", "summary": "RHBZ#1432858", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1432858" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5929", "url": "https://www.cve.org/CVERecord?id=CVE-2017-5929" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5929", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5929" } ], "release_date": "2017-02-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "logback: Serialization vulnerability in SocketServer and ServerSocketReceiver" }, { "cve": "CVE-2017-16012", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2018-06-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1591854" } ], "notes": [ { "category": "description", "text": "No description is available for this CVE.", "title": "Vulnerability description" }, { "category": "summary", "text": "js-jquery: XSS in responses from cross-origin ajax requests", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-16012" }, { "category": "external", "summary": "RHBZ#1591854", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591854" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-16012", "url": "https://www.cve.org/CVERecord?id=CVE-2017-16012" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-16012", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16012" } ], "release_date": "2017-03-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "js-jquery: XSS in responses from cross-origin ajax requests" }, { "cve": "CVE-2018-11771", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2018-08-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618573" } ], "notes": [ { "category": "description", "text": "When reading a specially crafted ZIP archive, the read method of Apache Commons Compress 1.7 to 1.17\u0027s ZipArchiveInputStream can fail to return the correct EOF indication after the end of the stream has been reached. When combined with a java.io.InputStreamReader this can lead to an infinite stream, which can be used to mount a denial of service attack against services that use Compress\u0027 zip package.", "title": "Vulnerability description" }, { "category": "summary", "text": "apache-commons-compress: ZipArchiveInputStream.read() fails to identify correct EOF allowing for DoS via crafted zip", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-11771" }, { "category": "external", "summary": "RHBZ#1618573", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618573" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-11771", "url": "https://www.cve.org/CVERecord?id=CVE-2018-11771" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-11771", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11771" }, { "category": "external", "summary": "https://lists.apache.org/thread.html/b8da751fc0ca949534cdf2744111da6bb0349d2798fac94b0a50f330@%3Cannounce.apache.org%3E", "url": "https://lists.apache.org/thread.html/b8da751fc0ca949534cdf2744111da6bb0349d2798fac94b0a50f330@%3Cannounce.apache.org%3E" } ], "release_date": "2018-08-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "apache-commons-compress: ZipArchiveInputStream.read() fails to identify correct EOF allowing for DoS via crafted zip" }, { "cve": "CVE-2018-12536", "cwe": { "id": "CWE-209", "name": "Generation of Error Message Containing Sensitive Information" }, "discovery_date": "2018-06-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1597418" } ], "notes": [ { "category": "description", "text": "In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn\u0027t match a dynamic url-pattern, and is eventually handled by the DefaultServlet\u0027s static file serving, the bad characters can trigger a java.nio.file.InvalidPathException which includes the full path to the base resource directory that the DefaultServlet and/or webapp is using. If this InvalidPathException is then handled by the default Error Handler, the InvalidPathException message is included in the error response, revealing the full server path to the requesting system.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: full server path revealed when using the default Error Handling", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-12536" }, { "category": "external", "summary": "RHBZ#1597418", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1597418" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-12536", "url": "https://www.cve.org/CVERecord?id=CVE-2018-12536" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12536", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12536" } ], "release_date": "2018-06-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" }, { "category": "workaround", "details": "Information disclosure occurs when java.nio.file.InvalidPathException occurs and is handled by the default Jetty error handler. To protect against this, a custom error handler can be configured for that particular error or for a larger set of errors according to the documentation link below. Red Hat Product Security advises that production deployments on Jetty use custom error handlers to limit the information disclosed and to ensure effective logging of error conditions.\n\nhttp://www.eclipse.org/jetty/documentation/current/custom-error-pages.html", "product_ids": [ "Red Hat Fuse 7.6.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jetty: full server path revealed when using the default Error Handling" }, { "cve": "CVE-2018-15756", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2018-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1643043" } ], "notes": [ { "category": "description", "text": "Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controller returns an org.springframework.core.io.Resource. A malicious user (or attacker) can add a range header with a high number of ranges, or with wide ranges that overlap, or both, for a denial of service attack. This vulnerability affects applications that depend on either spring-webmvc or spring-webflux. Such applications must also have a registration for serving static resources (e.g. JS, CSS, images, and others), or have an annotated controller that returns an org.springframework.core.io.Resource. Spring Boot applications that depend on spring-boot-starter-web or spring-boot-starter-webflux are ready to serve static resources out of the box and are therefore vulnerable.", "title": "Vulnerability description" }, { "category": "summary", "text": "springframework: DoS Attack via Range Requests", "title": "Vulnerability summary" }, { "category": "other", "text": "The package rhvm-dependencies does not include the vulnerable spring-webmvc component.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-15756" }, { "category": "external", "summary": "RHBZ#1643043", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1643043" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-15756", "url": "https://www.cve.org/CVERecord?id=CVE-2018-15756" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-15756", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-15756" }, { "category": "external", "summary": "https://pivotal.io/security/cve-2018-15756", "url": "https://pivotal.io/security/cve-2018-15756" } ], "release_date": "2018-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "springframework: DoS Attack via Range Requests" }, { "cve": "CVE-2019-3802", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-06-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1730316" } ], "notes": [ { "category": "description", "text": "This affects Spring Data JPA in versions up to and including 2.1.6, 2.0.14 and 1.11.20. ExampleMatcher using ExampleMatcher.StringMatcher.STARTING, ExampleMatcher.StringMatcher.ENDING or ExampleMatcher.StringMatcher.CONTAINING could return more results than anticipated when a maliciously crafted example value is supplied.", "title": "Vulnerability description" }, { "category": "summary", "text": "spring-data-api: potential information disclosure through maliciously crafted example value in ExampleMatcher", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-3802" }, { "category": "external", "summary": "RHBZ#1730316", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730316" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-3802", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3802" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3802", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3802" }, { "category": "external", "summary": "https://pivotal.io/security/cve-2019-3802", "url": "https://pivotal.io/security/cve-2019-3802" } ], "release_date": "2019-07-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "spring-data-api: potential information disclosure through maliciously crafted example value in ExampleMatcher" }, { "acknowledgments": [ { "names": [ "Carter Kozak" ] } ], "cve": "CVE-2019-3888", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2019-03-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1693777" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFailed(t, exchange)", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-3888" }, { "category": "external", "summary": "RHBZ#1693777", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693777" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-3888", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3888" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3888", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3888" } ], "release_date": "2019-06-10T15:13:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed" }, { "cve": "CVE-2019-5427", "cwe": { "id": "CWE-776", "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)" }, "discovery_date": "2019-04-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1709860" } ], "notes": [ { "category": "description", "text": "c3p0 version \u003c 0.9.5.4 may be exploited by a billion laughs attack when loading XML configuration due to missing protections against recursive entity expansion when loading configuration.", "title": "Vulnerability description" }, { "category": "summary", "text": "c3p0: loading XML configuration leads to denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6 is not vulnerable to this issue, because the candlepin component who uses the c3p0 jar never passes a XML configuration file to c3p0, even though it includes a vulnerable version of the latter. Since this issue requires a XML files to be loaded by c3p0, an exploitation path doesn\u0027t exist.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-5427" }, { "category": "external", "summary": "RHBZ#1709860", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1709860" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-5427", "url": "https://www.cve.org/CVERecord?id=CVE-2019-5427" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-5427", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5427" } ], "release_date": "2019-04-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "c3p0: loading XML configuration leads to denial of service" }, { "acknowledgments": [ { "names": [ "the Envoy security team" ] } ], "cve": "CVE-2019-9512", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-08-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1735645" } ], "notes": [ { "category": "description", "text": "A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "HTTP/2: flood using PING frames results in unbounded memory growth", "title": "Vulnerability summary" }, { "category": "other", "text": "The golang package in Red Hat OpenStack Platform 9 Operational Tools will not be updated for this flaw because it is in technical preview and is retiring as of 24.Aug.2019.\nThis issue did not affect the versions of grafana(embeds golang) as shipped with Red Hat Ceph Storage 2 and Red Hat Gluster Storage 3 as they did not include the support for HTTP/2.\nThe following storage product versions are affected because they include the support for HTTP/2 in:\n* golang as shipped with Red Hat Gluster Storage 3, Red Hat Ceph Storage 2 and Red Hat Ceph Storage 3\n* heketi(embeds golang) as shipped with Red Hat Gluster Storage 3\n* grafana(embeds golang and grpc) as shipped with Red Hat Ceph Storage 3\nThis flaw has no available mitigation for packages golang and nodejs. Both packages will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.\n\nAll OpenShift Container Platform RPMs and container images that are built with Go and support HTTP/2 are vulnerable to this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-9512" }, { "category": "external", "summary": "RHBZ#1735645", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735645" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-9512", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9512" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9512", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9512" }, { "category": "external", "summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md", "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md" }, { "category": "external", "summary": "https://groups.google.com/forum/#!topic/golang-announce/65QixT3tcmg", "url": "https://groups.google.com/forum/#!topic/golang-announce/65QixT3tcmg" }, { "category": "external", "summary": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wlHLHit1BqA", "url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wlHLHit1BqA" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/" }, { "category": "external", "summary": "https://www.mail-archive.com/grpc-io@googlegroups.com/msg06408.html", "url": "https://www.mail-archive.com/grpc-io@googlegroups.com/msg06408.html" } ], "release_date": "2019-08-13T17:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "HTTP/2: flood using PING frames results in unbounded memory growth" }, { "acknowledgments": [ { "names": [ "the Envoy security team" ] } ], "cve": "CVE-2019-9513", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-08-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1735741" } ], "notes": [ { "category": "description", "text": "A flaw was found in HTTP/2. An attacker, using PRIORITY frames to flood the system, could cause excessive CPU usage and starvation of other clients. The largest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "HTTP/2: flood using PRIORITY frames results in excessive resource consumption", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw has no available mitigation for packages nghttp2 and nodejs. Both packages will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-9513" }, { "category": "external", "summary": "RHBZ#1735741", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735741" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-9513", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9513" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9513", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9513" }, { "category": "external", "summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md", "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md" }, { "category": "external", "summary": "https://nghttp2.org/blog/2019/08/19/nghttp2-v1-39-2/", "url": "https://nghttp2.org/blog/2019/08/19/nghttp2-v1-39-2/" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/" }, { "category": "external", "summary": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/", "url": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/" } ], "release_date": "2019-08-13T17:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" }, { "category": "workaround", "details": "Red Hat Quay 3.0 uses Nginx 1.12 from Red Hat Software Collections. It will be updated once a fixed is released for Software Collections. In the meantime users of Quay can disable http/2 support in Nginx by following these instructions:\n\n1. Copy the Nginx configuration from the quay container to the host\n$ docker cp 3aadf1421ba3:/quay-registry/conf/nginx/ /mnt/quay/nginx\n\n2. Edit the Nginx configuration, removing http/2 support\n$ sed -i \u0027s/http2 //g\u0027 /mnt/quay/nginx/nginx.conf\n\n3. Restart Nginx with the new configuration mounted into the container, eg:\n$ docker run --restart=always -p 443:8443 -p 80:8080 --sysctl net.core.somaxconn=4096 -v /mnt/quay/config:/conf/stack:Z -v /mnt/quay/storage:/datastorage -v /mnt/quay/nginx:/quay-registry/config/nginx:Z -d quay.io/redhat/quay:v3.0.3", "product_ids": [ "Red Hat Fuse 7.6.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "HTTP/2: flood using PRIORITY frames results in excessive resource consumption" }, { "acknowledgments": [ { "names": [ "the Envoy security team" ] } ], "cve": "CVE-2019-9514", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-08-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1735744" } ], "notes": [ { "category": "description", "text": "A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RST_STREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "HTTP/2: flood using HEADERS frames results in unbounded memory growth", "title": "Vulnerability summary" }, { "category": "other", "text": "The golang package in Red Hat OpenStack Platform 9 Operational Tools will not be updated for this flaw because it is in technical preview and is retiring as of 24.Aug.2019.\nThis issue did not affect the versions of grafana(embeds golang) as shipped with Red Hat Ceph Storage 2 and Red Hat Gluster Storage 3 as they did not include the support for HTTP/2.\nThe following storage product versions are affected because they include the support for HTTP/2 in:\n* golang as shipped with Red Hat Gluster Storage 3, Red Hat Ceph Storage 2 and Red Hat Ceph Storage 3\n* heketi(embeds golang) as shipped with Red Hat Gluster Storage 3\n* grafana(embeds golang and grpc) as shipped with Red Hat Ceph Storage 3\nThis flaw has no available mitigation for packages golang and nodejs. Both packages will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.\n\nAll OpenShift Container Platform RPMs and container images that are built with Go and support HTTP/2 are vulnerable to this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-9514" }, { "category": "external", "summary": "RHBZ#1735744", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735744" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-9514", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9514" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9514", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9514" }, { "category": "external", "summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md", "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md" }, { "category": "external", "summary": "https://groups.google.com/forum/#!topic/golang-announce/65QixT3tcmg", "url": "https://groups.google.com/forum/#!topic/golang-announce/65QixT3tcmg" }, { "category": "external", "summary": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wlHLHit1BqA", "url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wlHLHit1BqA" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/" }, { "category": "external", "summary": "https://www.mail-archive.com/grpc-io@googlegroups.com/msg06408.html", "url": "https://www.mail-archive.com/grpc-io@googlegroups.com/msg06408.html" } ], "release_date": "2019-08-13T17:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "HTTP/2: flood using HEADERS frames results in unbounded memory growth" }, { "acknowledgments": [ { "names": [ "the Envoy security team" ] } ], "cve": "CVE-2019-9515", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-08-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1735745" } ], "notes": [ { "category": "description", "text": "A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "HTTP/2: flood using SETTINGS frames results in unbounded memory growth", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the version of grafana(embeds gRPC) as shipped with Red Hat Ceph Storage 3 as it include the support for HTTP/2.\nThis flaw has no available mitigation for nodejs package. It will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-9515" }, { "category": "external", "summary": "RHBZ#1735745", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735745" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-9515", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9515" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9515", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9515" }, { "category": "external", "summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md", "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/" }, { "category": "external", "summary": "https://www.mail-archive.com/grpc-io@googlegroups.com/msg06408.html", "url": "https://www.mail-archive.com/grpc-io@googlegroups.com/msg06408.html" } ], "release_date": "2019-08-13T17:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "HTTP/2: flood using SETTINGS frames results in unbounded memory growth" }, { "cve": "CVE-2019-9516", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-08-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1741864" } ], "notes": [ { "category": "description", "text": "A flaw was found in HTTP/2. An attacker, sending a stream of header with a 0-length header name and a 0-length header value, could cause some implementations to allocate memory for these headers and keep the allocations alive until the session dies. The can consume excess memory, potentially leading to a denial of service. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "HTTP/2: 0-length headers lead to denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw has no available mitigation for nodejs package. It will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-9516" }, { "category": "external", "summary": "RHBZ#1741864", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741864" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-9516", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9516" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9516", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9516" }, { "category": "external", "summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md", "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md" }, { "category": "external", "summary": "https://github.com/nghttp2/nghttp2/issues/1382#", "url": "https://github.com/nghttp2/nghttp2/issues/1382#" }, { "category": "external", "summary": "https://kb.cert.org/vuls/id/605641/", "url": "https://kb.cert.org/vuls/id/605641/" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/" }, { "category": "external", "summary": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/", "url": "https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/" } ], "release_date": "2019-08-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" }, { "category": "workaround", "details": "Red Hat Quay 3.0 uses Nginx 1.12 from Red Hat Software Collections. It will be updated once a fixed is released for Software Collections. In the meantime users of Quay can disable http/2 support in Nginx by following these instructions:\n\n1. Copy the Nginx configuration from the quay container to the host\n$ docker cp 3aadf1421ba3:/quay-registry/conf/nginx/ /mnt/quay/nginx\n\n2. Edit the Nginx configuration, removing http/2 support\n$ sed -i \u0027s/http2 //g\u0027 /mnt/quay/nginx/nginx.conf\n\n3. Restart Nginx with the new configuration mounted into the container, eg:\n$ docker run --restart=always -p 443:8443 -p 80:8080 --sysctl net.core.somaxconn=4096 -v /mnt/quay/config:/conf/stack:Z -v /mnt/quay/storage:/datastorage -v /mnt/quay/nginx:/quay-registry/config/nginx:Z -d quay.io/redhat/quay:v3.0.3", "product_ids": [ "Red Hat Fuse 7.6.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "HTTP/2: 0-length headers lead to denial of service" }, { "cve": "CVE-2019-9517", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-08-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1741868" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in HTTP/2. An attacker can open a HTTP/2 window so the peer can send without constraint. The TCP window remains closed so the peer cannot write the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the server\u0027s queue is setup, the responses can consume excess memory, CPU, or both, potentially leading to a denial of service. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "HTTP/2: request for large response leads to denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "The package httpd versions as shipped with Red Hat Enterprise Linux 5, 6 and 7 are not affected by this issue as HTTP/2 support is not provided.\nThis flaw has no available mitigation for nodejs package. It will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-9517" }, { "category": "external", "summary": "RHBZ#1741868", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741868" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-9517", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9517" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9517", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9517" }, { "category": "external", "summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md", "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md" }, { "category": "external", "summary": "https://kb.cert.org/vuls/id/605641/", "url": "https://kb.cert.org/vuls/id/605641/" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/" } ], "release_date": "2019-08-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" }, { "category": "workaround", "details": "The httpd version shipped with Red Hat Enterprise Linux 8 provides HTTP/2 support through mod_http2 package. While mod_http2 package is not updated, users can disable HTTP/2 support as mitigation action by executing the following steps:\n\n1. Stop httpd service:\n$ systemctl stop httpd\n\n2. Remove http/2 protocol support from configuration files:\n$ sed -i \u0027s/\\(h2\\)\\|\\(h2c\\)//g\u0027 \u003chttpd_config_file\u003e\n\n3. Validate configuration files to make sure all syntax is valid:\n$ apachectl configtest\n\n4. Restart httpd service:\n$ systemctl start httpd", "product_ids": [ "Red Hat Fuse 7.6.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "HTTP/2: request for large response leads to denial of service" }, { "acknowledgments": [ { "names": [ "the Envoy security team" ] } ], "cve": "CVE-2019-9518", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-08-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1735749" } ], "notes": [ { "category": "description", "text": "A flaw was found in HTTP/2. Using frames with an empty payload, a flood could occur that results in excessive CPU usage and starvation of other clients. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "HTTP/2: flood using empty frames results in excessive resource consumption", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw has no available mitigation for nodejs package. It will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-9518" }, { "category": "external", "summary": "RHBZ#1735749", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735749" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-9518", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9518" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9518", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9518" }, { "category": "external", "summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md", "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/" } ], "release_date": "2019-08-13T17:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "HTTP/2: flood using empty frames results in excessive resource consumption" }, { "cve": "CVE-2019-10174", "cwe": { "id": "CWE-470", "name": "Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)" }, "discovery_date": "2018-10-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1703469" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan\u0027s privileges. The attacker can use reflection to introduce new, malicious behavior into the application.", "title": "Vulnerability description" }, { "category": "summary", "text": "infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private methods", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform\u0027s OpenDaylight contains the vulnerable library. This library is a requirement of other dependencies (Karaf and Hibernate). Under supported deployments, the vulnerable functionality is not utilized. Based on this, no OpenDaylight versions will not be fixed.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10174" }, { "category": "external", "summary": "RHBZ#1703469", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1703469" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10174", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10174" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10174", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10174" } ], "release_date": "2019-11-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" }, { "category": "workaround", "details": "There is no known mitigation for this issue.", "product_ids": [ "Red Hat Fuse 7.6.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private methods" }, { "acknowledgments": [ { "names": [ "Christian Schl\u00fcter" ], "organization": "Viada" } ], "cve": "CVE-2019-10184", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "discovery_date": "2019-03-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1713068" } ], "notes": [ { "category": "description", "text": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: Information leak in requests for directories without trailing slashes", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10184" }, { "category": "external", "summary": "RHBZ#1713068", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713068" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10184", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10184" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184" } ], "release_date": "2019-07-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "undertow: Information leak in requests for directories without trailing slashes" }, { "cve": "CVE-2019-10241", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-04-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1705924" } ], "notes": [ { "category": "description", "text": "In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.15 and older, the server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing of directory contents.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: using specially formatted URL against DefaultServlet or ResourceHandler leads to XSS conditions", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of jetty which is embedded in the nutch package as shipped with Red Hat Satellite 5. The jetty server is not exposed, as such exploitation is difficult, Red Hat Product Security has rated this issue as having security impact of Low in the context of Red Hat Satellite 5. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10241" }, { "category": "external", "summary": "RHBZ#1705924", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1705924" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10241", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10241" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10241", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10241" } ], "release_date": "2019-04-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jetty: using specially formatted URL against DefaultServlet or ResourceHandler leads to XSS conditions" }, { "cve": "CVE-2019-10247", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-04-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1705993" } ], "notes": [ { "category": "description", "text": "In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches the requested path. The default server behavior on jetty-distribution and jetty-home will include at the end of the Handler tree a DefaultHandler, which is responsible for reporting this 404 error, it presents the various configured contexts as HTML for users to click through to. This produced HTML includes output that contains the configured fully qualified directory base resource location for each context.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: error path information disclosure", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of jetty which is embedded in the nutch package as shipped with Red Hat Satellite 5. The jetty server is not exposed, as such exploitation is difficult, Red Hat Product Security has rated this issue as having security impact of Low in the context of Red Hat Satellite 5. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10247" }, { "category": "external", "summary": "RHBZ#1705993", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1705993" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10247", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10247" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10247", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10247" } ], "release_date": "2019-04-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jetty: error path information disclosure" }, { "cve": "CVE-2019-11272", "cwe": { "id": "CWE-305", "name": "Authentication Bypass by Primary Weakness" }, "discovery_date": "2019-06-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1728993" } ], "notes": [ { "category": "description", "text": "A flaw was found in Spring Security in several versions, in the use of plain text passwords using the PlaintextPasswordEncoder. If an application is using an affected version of Spring Security with the PlaintextPasswordEncoder and a user has a null encoded password, an attacker can use this flaw to authenticate using a password of \"null.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "spring-security-core: mishandling of user passwords allows logging in with a password of NULL", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform\u0027s OpenDaylight versions 9 and 10 contain the vulnerable code. However, these OpenDaylight versions were released as technical preview with limited support and will therefore not be updated. Other OpenDaylight versions do not contain the vulnerable library.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11272" }, { "category": "external", "summary": "RHBZ#1728993", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728993" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11272", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11272" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11272", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11272" }, { "category": "external", "summary": "https://pivotal.io/security/cve-2019-11272", "url": "https://pivotal.io/security/cve-2019-11272" } ], "release_date": "2019-07-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "spring-security-core: mishandling of user passwords allows logging in with a password of NULL" }, { "cve": "CVE-2019-12384", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-06-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1725807" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in FasterXML jackson-databind in versions prior to 2.9.9. The vulnerability would permit polymorphic deserialization of malicious objects using the logback-core gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. Depending on the classpath content, remote code execution may be possible.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack\u0027s OpenDaylight does not use logback in any supported configuration. Therefore, the prerequisites for this vulnerability are not present and OpenDaylight is not affected.\n\nThis vulnerability relies on logback-core (ch.qos.logback.core) being present in the application\u0027s ClassPath. Logback-core is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use logback-core are not impacted by this vulnerability.\n\nThis issue affects the versions of jackson-databind bundled with candlepin as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12384" }, { "category": "external", "summary": "RHBZ#1725807", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725807" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12384", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12384" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12384", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12384" } ], "release_date": "2019-06-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat Fuse 7.6.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution" }, { "cve": "CVE-2019-12422", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2019-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1774726" } ], "notes": [ { "category": "description", "text": "Apache Shiro before 1.4.2, when using the default \"remember me\" configuration, cookies could be susceptible to a padding attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "shiro: Cookie padding oracle vulnerability with default configuration", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12422" }, { "category": "external", "summary": "RHBZ#1774726", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774726" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12422", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12422" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12422", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12422" } ], "release_date": "2019-11-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "shiro: Cookie padding oracle vulnerability with default configuration" }, { "cve": "CVE-2019-12814", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-06-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1725795" } ], "notes": [ { "category": "description", "text": "A new polymorphic typing flaw was discovered in FasterXML jackson-databind, versions 2.x through 2.9.9. With default typing enabled, an attacker can send a specifically crafted JSON message to the server that allows them to read arbitrary local files.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message.", "title": "Vulnerability summary" }, { "category": "other", "text": "* Red Hat Satellite 6 does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability. \n* Red Hat OpenStack\u0027s OpenDaylight does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12814" }, { "category": "external", "summary": "RHBZ#1725795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12814", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12814" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814" } ], "release_date": "2019-06-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" }, { "category": "workaround", "details": "This vulnerability relies on jdom (org.jdom) or jdom2 (org.jdom2) being present in the application\u0027s ClassPath. Applications using jackson-databind that do not also use jdom or jdom2 are not impacted by this vulnerability.", "product_ids": [ "Red Hat Fuse 7.6.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message." }, { "cve": "CVE-2019-14379", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-07-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1737517" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the ehcache and logback JNDI gadgets when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: default typing mishandling leading to remote code execution", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nSimilarly, Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14379" }, { "category": "external", "summary": "RHBZ#1737517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14379", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14379" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379" } ], "release_date": "2019-07-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat Fuse 7.6.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: default typing mishandling leading to remote code execution" }, { "cve": "CVE-2019-14439", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-07-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1752962" } ], "notes": [ { "category": "description", "text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logback jar in the classpath.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Polymorphic typing issue related to logback/JNDI", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenDaylight provided as part of Red Hat OpenStack does not utilize logback when used in a supported configuration. Therefore, the prerequisites for this vulnerability are not present and OpenDaylight is not affected.\n\nSatellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14439" }, { "category": "external", "summary": "RHBZ#1752962", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752962" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14439", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14439" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14439", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14439" } ], "release_date": "2019-07-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat Fuse 7.6.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Polymorphic typing issue related to logback/JNDI" }, { "acknowledgments": [ { "names": [ "Guillaume Teissier" ], "organization": "Orange" } ], "cve": "CVE-2019-17570", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2019-11-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1775193" } ], "notes": [ { "category": "description", "text": "A flaw was discovered where the XMLRPC client implementation in Apache XMLRPC, performed deserialization of the server-side exception serialized in the faultCause attribute of XMLRPC error response messages. A malicious or compromised XMLRPC server could possibly use this flaw to execute arbitrary code with the privileges of an application using the Apache XMLRPC client library.", "title": "Vulnerability description" }, { "category": "summary", "text": "xmlrpc: Deserialization of server-side exception from faultCause in XMLRPC error response", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 7 provides vulnerable version of xmlrpc via the Optional repository. As the Optional repository is not supported, this issue is not planned to be addressed there.\n\nRed Hat Virtualization Manager uses xmlrpc only for internal communication with the scheduler. Since this is a component of the Manager itself, it is not subject to attacker influence and does not represent an attack surface.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-17570" }, { "category": "external", "summary": "RHBZ#1775193", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775193" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17570", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17570" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17570", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17570" }, { "category": "external", "summary": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-x2r6-4m45-m4jp", "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-x2r6-4m45-m4jp" } ], "release_date": "2020-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-26T15:46:59+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.6.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/", "product_ids": [ "Red Hat Fuse 7.6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0983" }, { "category": "workaround", "details": "There is no known mitigation other than restricting applications using the Apache XMLRPC client library from sending requests to untrusted XMLRPC servers.", "product_ids": [ "Red Hat Fuse 7.6.0" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat Fuse 7.6.0" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "xmlrpc: Deserialization of server-side exception from faultCause in XMLRPC error response" } ] }
ghsa-w69w-jvc7-wjgv
Vulnerability from github
undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.
{ "affected": [ { "package": { "ecosystem": "Maven", "name": "io.undertow:undertow-servlet" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2.0.23" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2019-10184" ], "database_specific": { "cwe_ids": [ "CWE-862" ], "github_reviewed": true, "github_reviewed_at": "2019-08-01T15:23:26Z", "nvd_published_at": "2019-07-25T21:15:00Z", "severity": "HIGH" }, "details": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.", "id": "GHSA-w69w-jvc7-wjgv", "modified": "2023-09-25T10:52:27Z", "published": "2019-08-01T19:18:16Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10184" }, { "type": "WEB", "url": "https://github.com/undertow-io/undertow/pull/794" }, { "type": "WEB", "url": "https://github.com/undertow-io/undertow/commit/5fa7ac68c0e4251c93056d9982db5e794e04ebfa" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2019:2935" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2019:2936" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2019:2937" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2019:2938" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2019:2998" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2019:3044" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2019:3045" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2019:3046" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2019:3050" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2020:0727" }, { "type": "WEB", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10184" }, { "type": "WEB", "url": "https://issues.redhat.com/browse/UNDERTOW-1578" }, { "type": "WEB", "url": "https://security.netapp.com/advisory/ntap-20220210-0016" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "type": "CVSS_V3" } ], "summary": "Undertow Missing Authorization when requesting a protected directory without trailing slash" }
var-201907-1547
Vulnerability from variot
undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api. RedHatUndertow is a Java-based embedded Web server from RedHat, Inc., and is the default web server for Wildfly (Java Application Server). The vulnerability stems from errors in the configuration of the network system or product during operation. An unauthorized attacker can exploit the vulnerability to obtain sensitive information about the affected component. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: Red Hat Single Sign-On 7.3.4 security update on RHEL 6 Advisory ID: RHSA-2019:3044-01 Product: Red Hat Single Sign-On Advisory URL: https://access.redhat.com/errata/RHSA-2019:3044 Issue date: 2019-10-14 CVE Names: CVE-2019-10184 CVE-2019-12086 CVE-2019-12814 CVE-2019-14379 CVE-2019-14820 CVE-2019-14832 =====================================================================
- Summary:
New Red Hat Single Sign-On 7.3.4 packages are now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Single Sign-On 7.3 for RHEL 6 Server - noarch
- Description:
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.4 on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.3.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
-
keycloak: cross-realm user access auth bypass (CVE-2019-14832)
-
keycloak: adapter endpoints are exposed via arbitrary URLs (CVE-2019-14820)
-
jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message (CVE-2019-12814)
-
jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)
-
jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)
-
undertow: Information leak in requests for directories without trailing slashes (CVE-2019-10184)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1649870 - CVE-2019-14820 keycloak: adapter endpoints are exposed via arbitrary URLs 1713068 - CVE-2019-10184 undertow: Information leak in requests for directories without trailing slashes 1713468 - CVE-2019-12086 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server. 1725795 - CVE-2019-12814 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message. 1737517 - CVE-2019-14379 jackson-databind: default typing mishandling leading to remote code execution 1749487 - CVE-2019-14832 keycloak: cross-realm user access auth bypass
- JIRA issues fixed (https://issues.jboss.org/):
KEYCLOAK-11454 - Tracker bug for the RH-SSO 7.3.4 release for RHEL7
- Package List:
Red Hat Single Sign-On 7.3 for RHEL 6 Server:
Source: rh-sso7-keycloak-4.8.13-1.Final_redhat_00001.1.el6sso.src.rpm
noarch: rh-sso7-keycloak-4.8.13-1.Final_redhat_00001.1.el6sso.noarch.rpm rh-sso7-keycloak-server-4.8.13-1.Final_redhat_00001.1.el6sso.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2019-10184 https://access.redhat.com/security/cve/CVE-2019-12086 https://access.redhat.com/security/cve/CVE-2019-12814 https://access.redhat.com/security/cve/CVE-2019-14379 https://access.redhat.com/security/cve/CVE-2019-14820 https://access.redhat.com/security/cve/CVE-2019-14832 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXaS+r9zjgjWX9erEAQizTBAAmTcTk3Q7rVco9Xx4dWdTBrNeB3cKhnoj Fhkwvdoo4MVgaDWv2P9h9/JFoaCvgw6ZP2ZBbwB0wXq2+F70GFexx/nP44TlL3Kg JBAjCLvYT24Ahtxg9U6bmZwi1++fogj9TfJcC1C7k+TZHvoz3W+BCIO3OFWC2xYb mkT943QgXEALZ+KjAZqG0fE3RvH28zZy1RQO5x0Vb+qr6KTTzEF/VvtQFOiKVtok qyKa+59Ddzr/YLy+QPN4+tOMWNbGJhUnarssUVodgc/1OAEGJLPGB7iez9ekwTNf AzRL9nrMUI+DYs2pz/Cks9aban3uWmjXCn4OxfyBS2vJKiwXIxpHOh8Zfl9NlB7e X2NMGeU34Dem1ofhTErZCDbpkCUHYuiTgaJ53JoWAzVfX3gGb44GFDxN7kQ2DG6q lScmZjNPtI2GJ0h+4L6ViSHOhNOpTSHlfaMsatC4kE50qjNagGC2jcgS9mmYwclX gLuLa+RlbMeZSYSVb4pl2rkKvwdR5tbrLBfznoeT46UPHKT+1Yyd28jlClTNBMoP qroivgayFrYkC/oj0ud0V3POKyxpdZS1rf7GZrwN+etESHn9RZwnzsj413fQtIaw xP5xCmpqGCbBe2JZRLizd+voOn1oZbZSNYpZfGfghQHZ9IuKrECqJ8KQhv5yx2GD cxVVfwDI8os= =akLu -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
The References section of this erratum contains a download link (you must log in to download the update).
The JBoss server process must be restarted for the update to take effect. Solution:
Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications. JIRA issues fixed (https://issues.jboss.org/):
JBEAP-16455 - GSS Upgrade Infinispan from 9.3.6 to 9.3.7 JBEAP-16779 - GSS Upgrade Hibernate ORM from 5.3.10 to 5.3.11 JBEAP-17045 - GSS Upgrade JSF based on Mojarra 2.3.5.SP3-redhat-00001 to 2.3.5.SP3-redhat-00002 JBEAP-17062 - GSS Upgrade Artemis from 2.7.0.redhat-00057 to 2.9.0.redhat-00005 JBEAP-17073 - GSS Upgrade jboss-ejb-client from 4.0.20 to 4.0.23 JBEAP-17109 - (7.2.z) Upgrade XNIO from 3.6.6.Final-redhat-00001 to 3.7.3.Final-redhat-00001 JBEAP-17112 - GSS Upgrade JBoss Remoting from 5.0.12 to 5.0.14.SP1 JBEAP-17142 - Tracker bug for the EAP 7.2.4 release for RHEL-6 JBEAP-17162 - GSS Upgrade jgroups from 4.0.19 to 4.0.20 JBEAP-17178 - (7.2.z) Upgrade IronJacamar from 1.4.16.Final to 1.4.17.Final JBEAP-17182 - (7.2.z) Upgrade PicketLink from 2.5.5.SP12-redhat-00006 to 2.5.5.SP12-redhat-00007 JBEAP-17183 - (7.2.z) Upgrade PicketLink bindings from 2.5.5.SP12-redhat-00006 to 2.5.5.SP12-redhat-00007 JBEAP-17223 - GSS Upgrade WildFly Core from 6.0.15 to 6.0.16 JBEAP-17238 - GSS Upgrade HAL from 3.0.13 to 3.0.16 JBEAP-17250 - GSS Upgrade JBoss MSC from 1.4.5 to 1.4.8 JBEAP-17271 - GSS Upgrade jboss-logmanager from 2.1.7.Final-redhat-00001 to 2.1.14.Final-redhat-00001 JBEAP-17273 - GSS Upgrade jboss-logging from 3.3.2.Final-redhat-00001 to 3.3.3.Final-redhat-00001 JBEAP-17274 - GSS Upgrade Wildfly Elytron from 1.6.3.Final-redhat-00001 to 1.6.4.Final-redhat-00001 JBEAP-17276 - GSS Upgrade wildfly-transaction-client from 1.1.4.Final-redhat-00001 to 1.1.6.Final-redhat-00001 JBEAP-17277 - GSS Upgrade Undertow from 2.0.22 to 2.0.25.SP1 JBEAP-17278 - GSS Upgrade JBoss Marshalling from 2.0.7 to 2.0.9 JBEAP-17294 - GSS Upgrade weld from 3.0.6.Final-redhat-00001 to 3.0.6.Final-redhat-00002 JBEAP-17311 - GSS Upgrade jboss-jaxrs-api_2.1_spec from 1.0.1.Final-redhat-00001 to 1.0.3.Final-redhat-00001 JBEAP-17320 - GSS Upgrade PicketBox from 5.0.3.Final-redhat-3 to 5.0.3.Final-redhat-00004 JBEAP-17321 - GSS Upgrade Narayana from 5.9.3.Final to 5.9.6.Final JBEAP-17334 - (7.2.z) Upgrade Elytron-Tool from 1.4.2 to 1.4.3.Final JBEAP-17527 - GSS Upgrade Hibernate ORM from 5.3.11 to 5.3.11.SP1
Installation instructions are available from the Fuse 7.6.0 product documentation page: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/
4
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201907-1547", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "jboss data grid", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "jboss enterprise application platform", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.4" }, { "model": "single sign-on", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.0" }, { "model": "openshift application runtimes", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "jboss enterprise application platform", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.3" }, { "model": "single sign-on", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "undertow", "scope": "lt", "trust": 1.0, "vendor": "redhat", "version": "2.0.23" }, { "model": "jboss enterprise application platform", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.2" }, { "model": "single sign-on", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.3" }, { "model": "jboss enterprise application platform", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.0.0" }, { "model": "openshift application runtimes", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "1.0" }, { "model": "active iq unified manager", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "jboss enterprise application platform", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "jboss enterprise application platform", "scope": null, "trust": 0.8, "vendor": "red hat", "version": null }, { "model": "openshift application runtimes", "scope": null, "trust": 0.8, "vendor": "red hat", "version": null }, { "model": "single sign-on", "scope": null, "trust": 0.8, "vendor": "red hat", "version": null }, { "model": "undertow", "scope": "lt", "trust": 0.8, "vendor": "red hat", "version": "2.0.23" }, { "model": "hat red hat undertow \u003c2.0.23.final", "scope": null, "trust": 0.6, "vendor": "red", "version": null } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-24570" }, { "db": "JVNDB", "id": "JVNDB-2019-007209" }, { "db": "NVD", "id": "CVE-2019-10184" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:undertow:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0.23", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:jboss_data_grid:-:*:*:*:text-only:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:-:*:*:*:text-only:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openshift_application_runtimes:-:*:*:*:text-only:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openshift_application_runtimes:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2019-10184" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Red Hat", "sources": [ { "db": "PACKETSTORM", "id": "154845" }, { "db": "PACKETSTORM", "id": "154843" }, { "db": "PACKETSTORM", "id": "154687" }, { "db": "PACKETSTORM", "id": "154850" }, { "db": "PACKETSTORM", "id": "154672" }, { "db": "PACKETSTORM", "id": "154793" }, { "db": "PACKETSTORM", "id": "156941" }, { "db": "CNNVD", "id": "CNNVD-201907-1345" } ], "trust": 1.3 }, "cve": "CVE-2019-10184", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.0, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2019-10184", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2019-24570", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "secalert@redhat.com", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 3.9, "impactScore": 1.4, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2019-10184", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2019-10184", "trust": 1.8, "value": "HIGH" }, { "author": "secalert@redhat.com", "id": "CVE-2019-10184", "trust": 1.0, "value": "MEDIUM" }, { "author": "CNVD", "id": "CNVD-2019-24570", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201907-1345", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-24570" }, { "db": "JVNDB", "id": "JVNDB-2019-007209" }, { "db": "CNNVD", "id": "CNNVD-201907-1345" }, { "db": "NVD", "id": "CVE-2019-10184" }, { "db": "NVD", "id": "CVE-2019-10184" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api. RedHatUndertow is a Java-based embedded Web server from RedHat, Inc., and is the default web server for Wildfly (Java Application Server). The vulnerability stems from errors in the configuration of the network system or product during operation. An unauthorized attacker can exploit the vulnerability to obtain sensitive information about the affected component. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: Red Hat Single Sign-On 7.3.4 security update on RHEL 6\nAdvisory ID: RHSA-2019:3044-01\nProduct: Red Hat Single Sign-On\nAdvisory URL: https://access.redhat.com/errata/RHSA-2019:3044\nIssue date: 2019-10-14\nCVE Names: CVE-2019-10184 CVE-2019-12086 CVE-2019-12814 \n CVE-2019-14379 CVE-2019-14820 CVE-2019-14832 \n=====================================================================\n\n1. Summary:\n\nNew Red Hat Single Sign-On 7.3.4 packages are now available for Red Hat\nEnterprise Linux 6. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Single Sign-On 7.3 for RHEL 6 Server - noarch\n\n3. Description:\n\nRed Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak\nproject, that provides authentication and standards-based single sign-on\ncapabilities for web and mobile applications. \n\nThis release of Red Hat Single Sign-On 7.3.4 on RHEL 6 serves as a\nreplacement for Red Hat Single Sign-On 7.3.3, and includes bug fixes and\nenhancements, which are documented in the Release Notes document linked to\nin the References. \n\nSecurity Fix(es):\n\n* keycloak: cross-realm user access auth bypass (CVE-2019-14832)\n\n* keycloak: adapter endpoints are exposed via arbitrary URLs\n(CVE-2019-14820)\n\n* jackson-databind: polymorphic typing issue allows attacker to read\narbitrary local files on the server via crafted JSON message\n(CVE-2019-12814)\n\n* jackson-databind: default typing mishandling leading to remote code\nexecution (CVE-2019-14379)\n\n* jackson-databind: polymorphic typing issue allows attacker to read\narbitrary local files on the server (CVE-2019-12086)\n\n* undertow: Information leak in requests for directories without trailing\nslashes (CVE-2019-10184)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1649870 - CVE-2019-14820 keycloak: adapter endpoints are exposed via arbitrary URLs\n1713068 - CVE-2019-10184 undertow: Information leak in requests for directories without trailing slashes\n1713468 - CVE-2019-12086 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server. \n1725795 - CVE-2019-12814 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message. \n1737517 - CVE-2019-14379 jackson-databind: default typing mishandling leading to remote code execution\n1749487 - CVE-2019-14832 keycloak: cross-realm user access auth bypass\n\n6. JIRA issues fixed (https://issues.jboss.org/):\n\nKEYCLOAK-11454 - Tracker bug for the RH-SSO 7.3.4 release for RHEL7\n\n7. Package List:\n\nRed Hat Single Sign-On 7.3 for RHEL 6 Server:\n\nSource:\nrh-sso7-keycloak-4.8.13-1.Final_redhat_00001.1.el6sso.src.rpm\n\nnoarch:\nrh-sso7-keycloak-4.8.13-1.Final_redhat_00001.1.el6sso.noarch.rpm\nrh-sso7-keycloak-server-4.8.13-1.Final_redhat_00001.1.el6sso.noarch.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n8. References:\n\nhttps://access.redhat.com/security/cve/CVE-2019-10184\nhttps://access.redhat.com/security/cve/CVE-2019-12086\nhttps://access.redhat.com/security/cve/CVE-2019-12814\nhttps://access.redhat.com/security/cve/CVE-2019-14379\nhttps://access.redhat.com/security/cve/CVE-2019-14820\nhttps://access.redhat.com/security/cve/CVE-2019-14832\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/\n\n9. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXaS+r9zjgjWX9erEAQizTBAAmTcTk3Q7rVco9Xx4dWdTBrNeB3cKhnoj\nFhkwvdoo4MVgaDWv2P9h9/JFoaCvgw6ZP2ZBbwB0wXq2+F70GFexx/nP44TlL3Kg\nJBAjCLvYT24Ahtxg9U6bmZwi1++fogj9TfJcC1C7k+TZHvoz3W+BCIO3OFWC2xYb\nmkT943QgXEALZ+KjAZqG0fE3RvH28zZy1RQO5x0Vb+qr6KTTzEF/VvtQFOiKVtok\nqyKa+59Ddzr/YLy+QPN4+tOMWNbGJhUnarssUVodgc/1OAEGJLPGB7iez9ekwTNf\nAzRL9nrMUI+DYs2pz/Cks9aban3uWmjXCn4OxfyBS2vJKiwXIxpHOh8Zfl9NlB7e\nX2NMGeU34Dem1ofhTErZCDbpkCUHYuiTgaJ53JoWAzVfX3gGb44GFDxN7kQ2DG6q\nlScmZjNPtI2GJ0h+4L6ViSHOhNOpTSHlfaMsatC4kE50qjNagGC2jcgS9mmYwclX\ngLuLa+RlbMeZSYSVb4pl2rkKvwdR5tbrLBfznoeT46UPHKT+1Yyd28jlClTNBMoP\nqroivgayFrYkC/oj0ud0V3POKyxpdZS1rf7GZrwN+etESHn9RZwnzsj413fQtIaw\nxP5xCmpqGCbBe2JZRLizd+voOn1oZbZSNYpZfGfghQHZ9IuKrECqJ8KQhv5yx2GD\ncxVVfwDI8os=\n=akLu\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). \n\nThe JBoss server process must be restarted for the update to take effect. Solution:\n\nBefore applying this update, back up your existing Red Hat JBoss Enterprise\nApplication Platform installation and deployed applications. JIRA issues fixed (https://issues.jboss.org/):\n\nJBEAP-16455 - [GSS](7.2.z) Upgrade Infinispan from 9.3.6 to 9.3.7\nJBEAP-16779 - [GSS](7.2.z) Upgrade Hibernate ORM from 5.3.10 to 5.3.11\nJBEAP-17045 - [GSS](7.2.z) Upgrade JSF based on Mojarra 2.3.5.SP3-redhat-00001 to 2.3.5.SP3-redhat-00002\nJBEAP-17062 - [GSS](7.2.z) Upgrade Artemis from 2.7.0.redhat-00057 to 2.9.0.redhat-00005\nJBEAP-17073 - [GSS](7.2.z) Upgrade jboss-ejb-client from 4.0.20 to 4.0.23\nJBEAP-17109 - (7.2.z) Upgrade XNIO from 3.6.6.Final-redhat-00001 to 3.7.3.Final-redhat-00001\nJBEAP-17112 - [GSS](7.2.z) Upgrade JBoss Remoting from 5.0.12 to 5.0.14.SP1\nJBEAP-17142 - Tracker bug for the EAP 7.2.4 release for RHEL-6\nJBEAP-17162 - [GSS](7.2.z) Upgrade jgroups from 4.0.19 to 4.0.20\nJBEAP-17178 - (7.2.z) Upgrade IronJacamar from 1.4.16.Final to 1.4.17.Final\nJBEAP-17182 - (7.2.z) Upgrade PicketLink from 2.5.5.SP12-redhat-00006 to 2.5.5.SP12-redhat-00007\nJBEAP-17183 - (7.2.z) Upgrade PicketLink bindings from 2.5.5.SP12-redhat-00006 to 2.5.5.SP12-redhat-00007\nJBEAP-17223 - [GSS](7.2.z) Upgrade WildFly Core from 6.0.15 to 6.0.16\nJBEAP-17238 - [GSS](7.2.z) Upgrade HAL from 3.0.13 to 3.0.16\nJBEAP-17250 - [GSS](7.2.z) Upgrade JBoss MSC from 1.4.5 to 1.4.8\nJBEAP-17271 - [GSS](7.2.z) Upgrade jboss-logmanager from 2.1.7.Final-redhat-00001 to 2.1.14.Final-redhat-00001\nJBEAP-17273 - [GSS](7.2.z) Upgrade jboss-logging from 3.3.2.Final-redhat-00001 to 3.3.3.Final-redhat-00001\nJBEAP-17274 - [GSS](7.2.z) Upgrade Wildfly Elytron from 1.6.3.Final-redhat-00001 to 1.6.4.Final-redhat-00001\nJBEAP-17276 - [GSS](7.2.z) Upgrade wildfly-transaction-client from 1.1.4.Final-redhat-00001 to 1.1.6.Final-redhat-00001\nJBEAP-17277 - [GSS](7.2.z) Upgrade Undertow from 2.0.22 to 2.0.25.SP1\nJBEAP-17278 - [GSS](7.2.z) Upgrade JBoss Marshalling from 2.0.7 to 2.0.9\nJBEAP-17294 - [GSS](7.2.z) Upgrade weld from 3.0.6.Final-redhat-00001 to 3.0.6.Final-redhat-00002\nJBEAP-17311 - [GSS](7.2.z) Upgrade jboss-jaxrs-api_2.1_spec from 1.0.1.Final-redhat-00001 to 1.0.3.Final-redhat-00001\nJBEAP-17320 - [GSS](7.2.z) Upgrade PicketBox from 5.0.3.Final-redhat-3 to 5.0.3.Final-redhat-00004\nJBEAP-17321 - [GSS](7.2.z) Upgrade Narayana from 5.9.3.Final to 5.9.6.Final\nJBEAP-17334 - (7.2.z) Upgrade Elytron-Tool from 1.4.2 to 1.4.3.Final\nJBEAP-17527 - [GSS](7.2.z) Upgrade Hibernate ORM from 5.3.11 to 5.3.11.SP1\n\n7. \n\nInstallation instructions are available from the Fuse 7.6.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/\n\n4", "sources": [ { "db": "NVD", "id": "CVE-2019-10184" }, { "db": "JVNDB", "id": "JVNDB-2019-007209" }, { "db": "CNVD", "id": "CNVD-2019-24570" }, { "db": "PACKETSTORM", "id": "154845" }, { "db": "PACKETSTORM", "id": "154843" }, { "db": "PACKETSTORM", "id": "154687" }, { "db": "PACKETSTORM", "id": "154850" }, { "db": "PACKETSTORM", "id": "154672" }, { "db": "PACKETSTORM", "id": "154793" }, { "db": "PACKETSTORM", "id": "156941" } ], "trust": 2.79 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-10184", "trust": 3.7 }, { "db": "JVNDB", "id": "JVNDB-2019-007209", "trust": 0.8 }, { "db": "PACKETSTORM", "id": "154793", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "156941", "trust": 0.7 }, { "db": "CNVD", "id": "CNVD-2019-24570", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "156628", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "154665", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.3672", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.1076", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.3805", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.0832", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201907-1345", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "154845", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "154843", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "154687", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "154850", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "154672", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-24570" }, { "db": "JVNDB", "id": "JVNDB-2019-007209" }, { "db": "PACKETSTORM", "id": "154845" }, { "db": "PACKETSTORM", "id": "154843" }, { "db": "PACKETSTORM", "id": "154687" }, { "db": "PACKETSTORM", "id": "154850" }, { "db": "PACKETSTORM", "id": "154672" }, { "db": "PACKETSTORM", "id": "154793" }, { "db": "PACKETSTORM", "id": "156941" }, { "db": "CNNVD", "id": "CNNVD-201907-1345" }, { "db": "NVD", "id": "CVE-2019-10184" } ] }, "id": "VAR-201907-1547", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2019-24570" } ], "trust": 1.6 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-24570" } ] }, "last_update_date": "2024-07-23T19:38:13.489000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "[UNDERTOW-1578] 401 Unauthorized should be returned when requesting a protected directory without trailing slash #794", "trust": 0.8, "url": "https://github.com/undertow-io/undertow/pull/794" }, { "title": "Bug 1713068", "trust": 0.8, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=cve-2019-10184" }, { "title": "Patch for RedHatUndertow Information Disclosure Vulnerability (CNVD-2019-24570)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/172059" }, { "title": "Red Hat Undertow Repair measures for information disclosure vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=95492" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-24570" }, { "db": "JVNDB", "id": "JVNDB-2019-007209" }, { "db": "CNNVD", "id": "CNNVD-201907-1345" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-862", "trust": 1.0 }, { "problemtype": "CWE-200", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-007209" }, { "db": "NVD", "id": "CVE-2019-10184" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10184" }, { "trust": 2.3, "url": "https://access.redhat.com/errata/rhsa-2019:3046" }, { "trust": 2.3, "url": "https://access.redhat.com/errata/rhsa-2019:3044" }, { "trust": 2.3, "url": "https://access.redhat.com/errata/rhsa-2019:2938" }, { "trust": 2.3, "url": "https://access.redhat.com/errata/rhsa-2019:3050" }, { "trust": 2.3, "url": "https://access.redhat.com/errata/rhsa-2019:2935" }, { "trust": 2.2, "url": "https://access.redhat.com/errata/rhsa-2019:2937" }, { "trust": 2.2, "url": "https://access.redhat.com/errata/rhsa-2019:2936" }, { "trust": 2.2, "url": "https://access.redhat.com/errata/rhsa-2019:3045" }, { "trust": 1.7, "url": "https://access.redhat.com/errata/rhsa-2019:2998" }, { "trust": 1.6, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=cve-2019-10184" }, { "trust": 1.6, "url": "https://access.redhat.com/errata/rhsa-2020:0727" }, { "trust": 1.6, "url": "https://github.com/undertow-io/undertow/pull/794" }, { "trust": 1.6, "url": "https://security.netapp.com/advisory/ntap-20220210-0016/" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10184" }, { "trust": 0.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14379" }, { "trust": 0.7, "url": "https://access.redhat.com/security/cve/cve-2019-10184" }, { "trust": 0.7, "url": "https://access.redhat.com/security/updates/classification/#important" }, { "trust": 0.7, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.7, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.7, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.7, "url": "https://access.redhat.com/security/cve/cve-2019-14379" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-12086" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-12814" }, { "trust": 0.6, "url": "https://access.redhat.com/security/cve/cve-2019-12814" }, { "trust": 0.6, "url": "https://access.redhat.com/security/cve/cve-2019-12086" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/undertow-information-disclosure-via-trailing-slashes-30482" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2019.3805/" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/154793/red-hat-security-advisory-2019-2998-01.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.0832/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.1076/" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/156628/red-hat-security-advisory-2020-0727-01.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/156941/red-hat-security-advisory-2020-0983-01.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/154665/red-hat-security-advisory-2019-2937-01.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2019.3672/" }, { "trust": 0.5, "url": "https://issues.jboss.org/):" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-12384" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2019-12384" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2019-14832" }, { "trust": 0.3, "url": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/" }, { "trust": 0.3, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2019-14820" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14832" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14820" }, { "trust": 0.3, "url": "https://access.redhat.com/security/team/key/" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10212" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2019-10212" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2019-10202" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10202" }, { "trust": 0.2, "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/" }, { "trust": 0.2, "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2019-3888" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-3888" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform\u0026downloadtype=securitypatches\u0026version=7.2" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.rhsso\u0026downloadtype=securitypatches\u0026version=7.3" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-3868" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product\\xcatrhoar.thorntail\u0026version=2.5.0" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-3868" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_openshift_application_runtimes/1/html/release_notes_for_thorntail_2/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9513" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9514" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9517" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10174" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-9251" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9515" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-11771" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5427" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-9512" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-9514" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-12422" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-9517" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-9515" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5929" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-12422" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14439" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-9516" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-9518" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11272" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-17570" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-9513" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-17570" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=jboss.fuse\u0026version=7.6.0" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2017-5929" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2018-11771" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-14439" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-3802" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9512" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2018-15756" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-5427" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15756" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-9251" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2017-16012" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-10174" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-11272" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9516" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-3802" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9518" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-16012" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2020:0983" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-24570" }, { "db": "JVNDB", "id": "JVNDB-2019-007209" }, { "db": "PACKETSTORM", "id": "154845" }, { "db": "PACKETSTORM", "id": "154843" }, { "db": "PACKETSTORM", "id": "154687" }, { "db": "PACKETSTORM", "id": "154850" }, { "db": "PACKETSTORM", "id": "154672" }, { "db": "PACKETSTORM", "id": "154793" }, { "db": "PACKETSTORM", "id": "156941" }, { "db": "CNNVD", "id": "CNNVD-201907-1345" }, { "db": "NVD", "id": "CVE-2019-10184" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2019-24570" }, { "db": "JVNDB", "id": "JVNDB-2019-007209" }, { "db": "PACKETSTORM", "id": "154845" }, { "db": "PACKETSTORM", "id": "154843" }, { "db": "PACKETSTORM", "id": "154687" }, { "db": "PACKETSTORM", "id": "154850" }, { "db": "PACKETSTORM", "id": "154672" }, { "db": "PACKETSTORM", "id": "154793" }, { "db": "PACKETSTORM", "id": "156941" }, { "db": "CNNVD", "id": "CNNVD-201907-1345" }, { "db": "NVD", "id": "CVE-2019-10184" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-07-29T00:00:00", "db": "CNVD", "id": "CNVD-2019-24570" }, { "date": "2019-08-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-007209" }, { "date": "2019-10-14T23:03:33", "db": "PACKETSTORM", "id": "154845" }, { "date": "2019-10-14T20:22:22", "db": "PACKETSTORM", "id": "154843" }, { "date": "2019-09-30T18:22:22", "db": "PACKETSTORM", "id": "154687" }, { "date": "2019-10-15T00:11:31", "db": "PACKETSTORM", "id": "154850" }, { "date": "2019-09-30T18:22:22", "db": "PACKETSTORM", "id": "154672" }, { "date": "2019-10-10T14:44:58", "db": "PACKETSTORM", "id": "154793" }, { "date": "2020-03-27T13:16:40", "db": "PACKETSTORM", "id": "156941" }, { "date": "2019-07-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201907-1345" }, { "date": "2019-07-25T21:15:11.473000", "db": "NVD", "id": "CVE-2019-10184" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-07-29T00:00:00", "db": "CNVD", "id": "CNVD-2019-24570" }, { "date": "2019-08-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-007209" }, { "date": "2022-03-10T00:00:00", "db": "CNNVD", "id": "CNNVD-201907-1345" }, { "date": "2022-02-20T06:11:42.433000", "db": "NVD", "id": "CVE-2019-10184" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201907-1345" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "undertow Vulnerable to information disclosure", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-007209" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "code execution", "sources": [ { "db": "PACKETSTORM", "id": "154845" }, { "db": "PACKETSTORM", "id": "154843" }, { "db": "PACKETSTORM", "id": "154687" }, { "db": "PACKETSTORM", "id": "154850" }, { "db": "PACKETSTORM", "id": "154672" }, { "db": "PACKETSTORM", "id": "154793" } ], "trust": 0.6 } }
gsd-2019-10184
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2019-10184", "description": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.", "id": "GSD-2019-10184", "references": [ "https://access.redhat.com/errata/RHSA-2020:0983", "https://access.redhat.com/errata/RHSA-2020:0727", "https://access.redhat.com/errata/RHSA-2019:3050", "https://access.redhat.com/errata/RHSA-2019:3046", "https://access.redhat.com/errata/RHSA-2019:3045", "https://access.redhat.com/errata/RHSA-2019:3044", "https://access.redhat.com/errata/RHSA-2019:2998", "https://access.redhat.com/errata/RHSA-2019:2938", "https://access.redhat.com/errata/RHSA-2019:2937", "https://access.redhat.com/errata/RHSA-2019:2936", "https://access.redhat.com/errata/RHSA-2019:2935" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2019-10184" ], "details": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.", "id": "GSD-2019-10184", "modified": "2023-12-13T01:23:58.248705Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2019-10184", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "undertow", "version": { "version_data": [ { "version_value": "fixed in 2.0.23.Final" } ] } } ] }, "vendor_name": "undertow-io" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api." } ] }, "impact": { "cvss": [ [ { "vectorString": "5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" } ] ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-862" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2019:2937", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2937" }, { "name": "RHSA-2019:2935", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2935" }, { "name": "RHSA-2019:2936", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2936" }, { "name": "RHSA-2019:2938", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2938" }, { "name": "RHSA-2019:2998", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2998" }, { "name": "RHSA-2019:3044", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3044" }, { "name": "RHSA-2019:3045", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3045" }, { "name": "RHSA-2019:3050", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3050" }, { "name": "RHSA-2019:3046", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3046" }, { "name": "RHSA-2020:0727", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2020:0727" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10184", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10184" }, { "name": "https://github.com/undertow-io/undertow/pull/794", "refsource": "CONFIRM", "url": "https://github.com/undertow-io/undertow/pull/794" }, { "name": "https://security.netapp.com/advisory/ntap-20220210-0016/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220210-0016/" } ] } }, "gitlab.com": { "advisories": [ { "affected_range": "(,2.0.23.Final)", "affected_versions": "All versions before 2.0.23.Final", "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "cwe_ids": [ "CWE-1035", "CWE-862", "CWE-937" ], "date": "2023-03-31", "description": "undertow is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.", "fixed_versions": [ "2.0.23.Final" ], "identifier": "CVE-2019-10184", "identifiers": [ "CVE-2019-10184" ], "not_impacted": "All versions starting from 2.0.23.Final", "package_slug": "maven/io.undertow/undertow-servlet", "pubdate": "2019-07-25", "solution": "Upgrade to version 2.0.23.Final or above.", "title": "Information Exposure", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2019-10184", "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10184" ], "uuid": "e83d7d0f-e6de-4bff-b2c0-ad6ce97684b8" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:undertow:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0.23", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:jboss_data_grid:-:*:*:*:text-only:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:-:*:*:*:text-only:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openshift_application_runtimes:-:*:*:*:text-only:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openshift_application_runtimes:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2019-10184" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-862" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/undertow-io/undertow/pull/794", "refsource": "CONFIRM", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/undertow-io/undertow/pull/794" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10184", "refsource": "CONFIRM", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10184" }, { "name": "RHSA-2019:2937", "refsource": "REDHAT", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2937" }, { "name": "RHSA-2019:2936", "refsource": "REDHAT", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2936" }, { "name": "RHSA-2019:2935", "refsource": "REDHAT", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2935" }, { "name": "RHSA-2019:2938", "refsource": "REDHAT", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2938" }, { "name": "RHSA-2019:2998", "refsource": "REDHAT", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2998" }, { "name": "RHSA-2019:3046", "refsource": "REDHAT", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:3046" }, { "name": "RHSA-2019:3045", "refsource": "REDHAT", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:3045" }, { "name": "RHSA-2019:3044", "refsource": "REDHAT", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:3044" }, { "name": "RHSA-2019:3050", "refsource": "REDHAT", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:3050" }, { "name": "RHSA-2020:0727", "refsource": "REDHAT", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2020:0727" }, { "name": "https://security.netapp.com/advisory/ntap-20220210-0016/", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://security.netapp.com/advisory/ntap-20220210-0016/" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } }, "lastModifiedDate": "2022-02-20T06:11Z", "publishedDate": "2019-07-25T21:15Z" } } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.